Authenticated kernel API requests work without setting the authentication code #14571
Comments
|
Using 127.0.0.1:6806 should not require an Access authorization code. |
I'm not talking about that, but rather the actual device's IP address when accessed from another device once network serving is enabled. I don't see any reason why the API wouldn't work without an access code in that case, since the authentication needs the API token |
88250
changed the title
88250
added a commit
that referenced
this issue
Apr 12, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In what scenarios do you need this feature?
This feature would be useful to call APIs from other devices when the authentication code hasn't been set.
Describe the optimal solution
The best solution would be to allow API requests from the local network even when the authentication code hasn't been set, since some kind of authentication is required regardless (API Token).
Describe the candidate solution
No response
Other information
I wasn't sure whether to label this as a bug or a feature request, because this just doesn't make sense from my perspective.
Needing an authentication code for the web login on the local network is obviously the best choice, but why would APIs be blocked as well if they require some sort of authentication to respond, like the API token?
The text was updated successfully, but these errors were encountered: