mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-16 14:47:04 -05:00
[GH-ISSUE #1141] Secure Key Login failed on HomeAssistant #1778
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @isibizi on GitHub (Jul 27, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/1141
Hi, I have the newest version of Pangolin with secure key login. SSO sign-in with secure key is not possible and I see this message.
@adrianeastles commented on GitHub (Jul 28, 2025):
Are you able to login to other resources or the main pangolin url using the security key?
@isibizi commented on GitHub (Jul 28, 2025):
Yes, only with secure key in home Assistant it is not possible to login.
@Crashman1983 commented on GitHub (Jul 29, 2025):
This is within the mobile companion app, right? Same for me using Authentik. It seems, like HA Companion App does not have access to credentials like passkeys.
@isibizi commented on GitHub (Jul 29, 2025):
Yes, right. This issue is in the companion app.
@adrianeastles commented on GitHub (Jul 29, 2025):
To configure bypass rules for the Companion App, please refer to the following documentation: https://docs.fossorial.io/Pangolin/bypass-rules#:~:text=Home%20Automation-,Home%20Assistant.
While an integration with Home Assistant and OIDC (OpenID Connect) was being explored to address this. You can find the related project here: https://github.com/christiaangoossens/hass-oidc-auth.
Please be aware: The OIDC integration is an alpha release and comes with no guarantees regarding code quality, error handling, or security. Use it at your own risk.
@isibizi commented on GitHub (Jul 29, 2025):
The rules are already configured.
@isibizi commented on GitHub (Jul 30, 2025):
It‘s not supported by the app
https://github.com/home-assistant/iOS/issues/3753
@Crashman1983 commented on GitHub (Jul 30, 2025):
I get the impression that they are more concerned with secure (and paid) access via Nabu Casa than with the wishes of users. Many other tickets with similar requests, such as support for OIDC, have also been closed.
But perhaps there is also a lack of manpower.
@bgoncal commented on GitHub (Jul 30, 2025):
Don't be unfair spreading false information.
For whoever wants to read the reasoning behind it, here is my answer given to @Crashman1983
https://github.com/home-assistant/iOS/issues/3753#issuecomment-3135565927
Also here the officially supported remote connection options by the App:
https://github.com/home-assistant/iOS/issues/3575
Also here more context around it:
https://github.com/home-assistant/iOS/discussions/1719#discussioncomment-11890841
@bgoncal commented on GitHub (Jul 30, 2025):
Thanks for the edited comment, but it's still a wrong impression.
@LaurenceJJones commented on GitHub (Jul 31, 2025):
Should be now semi mitigated by 1.8.0 with the ability to log in with user/password if security keys are configured
053acef728but the application does not have support for triggering or interacting via FIDOwhich I agree with @bgoncal its not as simple as "enable it", it takes time to make sure the application can interact and use these securely
@github-actions[bot] commented on GitHub (Aug 15, 2025):
This issue has been automatically marked as stale due to 14 days of inactivity. It will be closed in 14 days if no further activity occurs.
@github-actions[bot] commented on GitHub (Aug 30, 2025):
This issue has been automatically closed due to inactivity. If you believe this is still relevant, please open a new issue with up-to-date information.