OpenID Connect for Home Assistant

OpenID Connect (OIDC) implementation for Home Assistant through a custom component/integration

Usage Guide · Configuration Guide · Contribution Guide

Announcements & Polls · Issues · Questions · Feature Requests

Caution

This is an alpha release. I give no guarantees about code quality, error handling or security at this stage. Use at your own risk.

Provides an OpenID Connect (OIDC) implementation for Home Assistant through a custom component/integration. Through this integration, you can create an SSO (single-sign-on) environment within your self-hosted application stack / homelab.

Background

If you would like to read the background/open letter that lead to this component, please see https://community.home-assistant.io/t/open-letter-for-improving-home-assistants-authentication-system-oidc-sso/494223. It is currently one of the most upvoted feature requests for Home Assistant.

Installation guide

1. Add this repository to HACS.

2. Add the YAML configuration that matches your OIDC provider to configuration.yaml. See the Configuration Guide for more details or pick your OIDC provider below:

   Authentik	Authelia	Pocket ID

   By default, the integration assumes you configure Home Assistant as a public client and thus only specify the client_id and no client_secret. For example, your configuration might look like:

   auth_oidc:
       client_id: "example"
       discovery_url: "https://example.com/.well-known/openid-configuration"

   When registering Home Assistant at your OIDC provider, use <your HA URL>/auth/oidc/callback as the callback URL and select 'public client'. You should now get the client_id and issuer_url or discovery_url to fill in.

3. Restart Home Assistant

4. Login through the OIDC Welcome URL at <your HA URL>/auth/oidc/welcome. You will have to go there manually for now. For example, it might be located at http://homeassistant.local:8123/auth/oidc/welcome.

More (detailed) usage instructions can be found in the Usage Guide.

Contributions

Contibutions are very welcome! If you program in Python or have worked with Home Assistant integrations before, please try to contribute. A list of requested contributions/future goals is in the Contribution Guide.

Please see the Contribution Guide for more information.

Found a security issue?

Please see SECURITY.md for more information on how to submit your security issue securely. You can find previously found vulnerablities and their corresponding security advisories at the Security Advisories page.

License

Distributed under the MIT license with no warranty. You are fully liable for configuring this integration correctly to keep your Home Assistant installation secure. Use at your own risk. The full license can be found in LICENSE.md