undefined | Better HN

0 pointsamosesdev1y ago0 comments

Do you mean outside of the API that I talk about in the article? If I exposed the HA API via the frontend, users would be able to just take the bearer token and do whatever they wanted with it (even deleting the entities used for the doors). That's why the express server is sitting in the middle to only expose the relevant information (proxying w/ the bearer token, which the end users have no access to)

0 comments

grahamj1y ago

I meant via webhook triggers as those don't require auth:

https://www.home-assistant.io/docs/automation/trigger/#webho...

I guess you'd still want a proxy or firewall so not sure it ends up being much less complex, but it should be doable.

j / k navigate · click thread line to collapse

0 comments

grahamj1y ago

I meant via webhook triggers as those don't require auth:

https://www.home-assistant.io/docs/automation/trigger/#webho...

I guess you'd still want a proxy or firewall so not sure it ends up being much less complex, but it should be doable.

j / k navigate · click thread line to collapse