Authentication and Access Control

Hi everyone,

I know that openHAB does not provide Authentication and Access Control, but it looks like there is some user management in the Main UI.

I need to add an admin user, but that’s it. Do I get it right that it’s not possible to add additional admin (or regular) users?

Don’t get me wrong, but this authentication seems to be half-baked. My assumption is that the admin user is the first step towards an improved user management. Do I get this right? Is there a roadmap for how this is going to be improved?


You can go to the Karaf console. There are the following possibilities:

Usage: openhab:users list - lists all users
Usage: openhab:users add <userId> <password> <role> - adds a new user with the specified role
Usage: openhab:users remove <userId> - removes the given user
Usage: openhab:users changePassword <userId> <newPassword> - changes the password of a user
Usage: openhab:users listApiTokens - lists the API tokens for all users
Usage: openhab:users addApiToken <userId> <tokenName> <scope> - adds a new API token on behalf of the specified user for the specified scope
Usage: openhab:users rmApiToken <userId> <tokenName> - removes (revokes) the specified API token
Usage: openhab:users clearSessions <userId> - clear the refresh tokens associated with the user (will sign the user out of all sessions)

Thanks a lot. I was not aware of this possibility. The allowed roles are “admin” and “user”?

Nevertheless, this confirms my assumption that the user management is not mature.

Again, I know that openHAB doesn’t claim to have a mature user management. I would just like to know if there are ideas in the pipeline like custom roles for controlling actions and so on.