Deprecated http.api_password (home-assistant#8894)

awarecan · frenck · commit 68298c5c0830 · 2019-03-11T19:59:00.000+01:00
* Update providers.markdown

* Update http.markdown

* Update http.markdown

* Update source/_components/http.markdown

Co-Authored-By: awarecan &lt;awarecan@users.noreply.github.com&gt;

* Update source/_components/http.markdown

Co-Authored-By: awarecan &lt;awarecan@users.noreply.github.com&gt;
diff --git a/source/_components/http.markdown b/source/_components/http.markdown
@@ -22,12 +22,11 @@ Don't use option `server_host` on a Hass.io installation!
 ```yaml
 # Example configuration.yaml entry
 http:
-  api_password: YOUR_PASSWORD
 ```
 
 {% configuration %}
 api_password:
-  description: Protect the Home Assistant API with a password - this password can also be used to log in to the frontend. Where your client or other software supports it, you should use [long lasting access token](/docs/authentication/#your-account-profile) instead, as [shown in the REST API](https://developers.home-assistant.io/docs/en/external_api_rest.html) and [websocket API](https://developers.home-assistant.io/docs/en/external_api_websocket.html) documentation.
+  description: "**Deprecated since 0.90 release. Configuration moved to [Legacy API password auth provider](/docs/authentication/providers/#legacy-api-password).** Protect the Home Assistant API with a password - this password can also be used to log in to the frontend. Where your client or other software supports it, you should use [long lasting access token](/docs/authentication/#your-account-profile) instead, as [shown in the REST API](https://developers.home-assistant.io/docs/en/external_api_rest.html) and [websocket API](https://developers.home-assistant.io/docs/en/external_api_websocket.html) documentation."
   required: false
   type: string
 server_host:
@@ -71,7 +70,7 @@ trusted_proxies:
   required: false
   type: string, list
 trusted_networks:
-  description: "List of trusted networks, consisting of IP addresses or networks, that are allowed to bypass password protection when accessing Home Assistant.  If using a reverse proxy with the `use_x_forwarded_for` and `trusted_proxies` options enabled, requests proxied to Home Assistant with a trusted `X-Forwarded-For` header will appear to come from the IP given in that header instead of the proxy IP."
+  description: "**Deprecated since 0.89 release. Configuration moved to [Trusted Networks auth provider](/docs/authentication/providers/#trusted-networks).** List of trusted networks, consisting of IP addresses or networks, that are allowed to bypass password protection when accessing Home Assistant.  If using a reverse proxy with the `use_x_forwarded_for` and `trusted_proxies` options enabled, requests proxied to Home Assistant with a trusted `X-Forwarded-For` header will appear to come from the IP given in that header instead of the proxy IP."
   required: false
   type: string, list
 ip_ban_enabled:
@@ -96,7 +95,6 @@ The sample below shows a configuration entry with possible values:
 ```yaml
 # Example configuration.yaml entry
 http:
-  api_password: YOUR_PASSWORD
   server_port: 12345
   ssl_certificate: /etc/letsencrypt/live/hass.example.com/fullchain.pem
   ssl_key: /etc/letsencrypt/live/hass.example.com/privkey.pem
@@ -107,11 +105,6 @@ http:
   trusted_proxies:
     - 127.0.0.1
     - ::1
-  trusted_networks:
-    - 127.0.0.1
-    - ::1
-    - 192.168.0.0/24
-    - fd00::/8
   ip_ban_enabled: true
   login_attempts_threshold: 5
 ```
diff --git a/source/_docs/authentication/providers.markdown b/source/_docs/authentication/providers.markdown
@@ -132,11 +132,11 @@ Activating this auth provider will allow you to authenticate with the API passwo
 homeassistant:
   auth_providers:
    - type: legacy_api_password
-
-http:
-  api_password: !secret http_password
+     api_password: !secret http_password
 ```
 
+`api_password` is required option since 0.90 rlease.
+
 Activating this auth provider will also allow you to provide the API password using an authentication header to make requests against the Home Assistant API. This feature will be dropped in the future in favor of long-lived access tokens.
 
 If you don't specify any `auth_providers` section in the `configuration.yaml` file then this provider will be set up automatically if `api_password` was configured under `http` section.
