I secured my iCloud account with physical security keys (like YubiKey). For such a sensitive account definately a good idea, but it seams so, that this is blocking to use the iCloud binding in openhab.
Since I use the physical security keys, my Apple devices do not show/provide the 6 digit 2FA key anymore. There is just a pop-up that a device try to connect to my account and I can say “Yes” or “This is not me”.
Is there a work around for initializing the iCloud binding without the 6 digit number and with a physical key?
Most services which have this sort of 2FA also offer a way to create an “application integration” or “application password”. This walks you through a wizard to create a randomly generated password that third party apps can use to authenticate with the account and bypass the 2FA. The password is revocable and only shown to you at the time of creation.
Of course this bypasses the 2FA. You can’t get around that. It’s always a balance between security and usability/convenience.
Many thanks, @rlkoshak for the quick answer. Yes, iCloud is also offering to use “application passwords”. Unfortunately, the iCloud binding is not supporting this so far. This is also documented in the binding documentation here as the last sentence in the first hanging paragraph.
I used this application password of iCloud also for other apps like Outlook for iOS in the past. In this case, there is also no 2FA provided, simply an access.
So, unfortunately, this is also not solving my issue to connect the iCloud again to my openhanded instance.
If application specific passwords are not supported then it’s not going to work. Someone will have to add support for FIDO keys to the binding and if they haven’t added support for application keys I’m not hopeful for that.