Authenticate in the app with a token?

[BartG95]

:question: Question

As of recently, ntfy gained the ability to authenticate with access tokens. Is it just me, or isn't that yet available in the Android app?

If not yet available, this issue might as well turn into a feature request.

[binwiederhier]

I think that's a pretty good idea. We may want to do this when we implement the user account sync stuff (#523, /cc @wunter8). My thought was to do it similarly to the web app. You log in with username/password, and then you create a token and store that locally. This way nothing would change from the user-perspective, but if your phone gets stolen your username/password is not at risk.

[killermouse0]

I would also love it if it was possible to provide an Oauth Personal Access Token, because my self-hosted NTFY instance is behind an authenticating proxy (Zitadel). Might be too much of a niche request, but I'm just putting it here to gauge interest from others!

[brevilo]

I think that's a pretty good idea. We may want to do this when we implement the user account sync stuff (#523, /cc @wunter8).

This sounds like this could take some time. Please correct me if I'm wrong but it seems like the low-hanging fruit could be to just disable the input validation on the user name field and accept an empty one, no? The token doc reads:

Alternatively, you can use Basic Auth to send the access token. When sending an empty username, the basic auth password is treated by the ntfy server as an access token.

Sure, things can be still be optimized down the road but this looks like a simple enough change to enable token support in the app relatively quickly, further protecting original account credentials.

Thanks!