hass-auth-header
hass-auth-header copied to clipboard
BeryJu
Mobile app support?
I just setup auth_header with use of swag and Authelia authentication. It works fine in the browser but on the mobile companion app it just gets a black screen when i try to set it up.
Is the mobile app not supported?
I'm using it successfully with the app, however I had to protect only a very specific subset of the proxy, else every request will have to be authorized which breaks the API (at least I think)
Maybe try something like this (adapted to Authelia, I use Apache with Shibboleth):
I've not had to do anything custom, the App just works for me (using authentik as IDP, envoy/istio ingress on k8s and using proxy mode for HASS)
I had to wipe the data for my app to get it to work (on Android 12). Otherwise, it would try to open a browser and never work.
I can't get this to work, it will always try to open the browser (even after clearing the app as @AngellusMortis mentioned). Anyone that can tell me what they did perhaps?
This is an issue with the app, https://github.com/home-assistant/android/issues/1438
Try this, it works for me with the app: https://github.com/home-assistant/android/issues/1438#issuecomment-1244106690
@BeryJu By any chance, do you use iOS for HA app? Reading around a bit it seems that the iOS app works (although config is not easy, you should only proxy /auth), but that the Android app uses a really old Webview that makes Authentik impossible to use.
For me on Android, if you reset all data for the HA app and enter the URL (with Authentik Proxy configured), it shows Authentik in messed up state without FIDO2 support.
Seems more like a badly designed app, using old Android Webviews instead of Chrome Custom Tabs.
Conclusion, if you use 2FA and/or Android, this does not seem like a good route until HA gets their #$@ together and implements proper external OpenID Connect into their app.
