Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Remove direct authentication via trusted networks or API password #27656
It is no longer possible to make authenticated requests using trusted networks or by appending
These features were deprecated in Home Assistant 0.90 and 0.91 (released around April 2019). It was initially planned to be dropped in Home Assistant 0.96 (released July 17, 2019).
This also removes support of configuring the auth providers for API Password and Trusted Networks via the HTTP configuration. It now needs to be configured in the auth provider section (docs).
This removes the option to directly authenticate with Home Assistant API endpoints by adding an API password or by making the request from a trusted network. These features have been deprecated since early April of this year and were initially planned to be removed on July 17 with the release of Home Assistant 0.96.
Direct authentication meant that you could make an authenticated request without a bearer token by making the request from a trusted network or appending
These features are still available as authentication providers (docs).
The feature to use API passwords for direct authentication has been deprecated since Home Assistant 0.90 released on March 20, 2019 (#21884).
The feature to use trusted networks for direct authentication has been deprecated since Home Assistant 0.91 released on April 3, 2019 (#22487).
Related issue (if applicable): fixes home-assistant/architecture#174
Pull request with documentation for home-assistant.io (if applicable): home-assistant/home-assistant.io#<home-assistant.io PR number goes here>
If the code does not interact with devices: