[Solved]OPNsense integration credentials
I tryed to setup the new OPNsense integration, but I was unable to establish a connection to OPNsense.
- Tryed to use the root user for test. Also created a new admin user, generated several API keys/secrets for these but for some reason I could not connect Homarr to OPNsense.
I could not figure out the right credentials needed.
Until documentation is updated please throw a hint in my direction. Ty!
27 Replies
Thank you for submitting a support request.
Depending on the volume of requests, our team should get in contact with you shortly.
⚠️ Please include the following details in your post or we may reject your request without further comment: - Log (See https://homarr.dev/docs/community/faq#how-do-i-open-the-console--log) - Operating system (Unraid, TrueNAS, Ubuntu, ...) - Exact Homarr version (eg. 0.15.0, not latest) - Configuration (eg. docker-compose, screenshot or similar. Use ``your-text`` to format) - Other relevant information (eg. your devices, your browser, ...)
Frequently Asked Questions | Homarr documentation
Can I install Homarr on a Raspberry Pi?
!qa required_data
Thank you for your question. Our support team has noted that your request does not meet the minimum required data so we are unable to answer your question.
Please provide:
- your Homarr logs
- your setup configuration (eg. docker compose, docker run, helm chart, screenshot, ...)
- A detailed description of your problem or question with additional images where necessary
- Your operating system
- Version of Homarr (do not say latest! say 0.15.2, ...)
Failure to comply with this will result in a permanent closure of your support request.
And please show us a screenshot of your integration config with the secrets censored
I think i have the same issue as op
Homarr v1.31.0 on debian with portainer
Logs :
For the integration i have
https://opnsense.domain
user : root
password : password
it's the same i use to connect on the webui
- I'm using port 440 instead of the default 80
- Password, Key, Secret... none of it worked.
- Also the 3 *** at the beginning of the input field are a little bit distracting at first.
The port is not an issue, I myself use the 8443 port for HTTPS.
And there is a thing with login/password : even it's said in the user interface, it's in fact an api key and an api secret you have to generate for your user. I'm actually writing the documentation for the OPNsense integration.
And if you are using HTTPS, the certificate MUST include the ip address if you are using the ip address to connect.
Nope, I disabled the usage of HTTPS in OPNsense.
I intentionally use HTTP since no one with a sound mind would expose his home router admin UI to the internet.
So the UI is only reachable using http in this case.
- I definitely generated the key/secret pair for the users, 2-3x and even tried to use those but no luck.
(checking on documentation as son its up)
Then you have to generate api credentials for your user
Yes I did, as I wrote in my initial post. The only issue i can think of to not include all of the string
key=456t8754... or secret=8df89d...Exactly : key is to be put in the username field and secret in password field.
AAaaaaa
But without the key= or secret=
Then NOT a username in the username field? But the user "key"?
Yes. The OPNsense api uses username/password authentication scheme but with api credentials.
Yes, THIS was it then.
Using the provided key string in the username field and secret string in the password field did the trick and the integration has being set.
BIG Ty for your guidance!!!
I'm glad to read that, and I'll work on the documentation as soon as I can. I think next week.
Ty! Until then this thread may help the others.
Oh, I think we should update the required credentials then and actually tell the user what he needs to specify
I'll look into it later
This thread helped me. Thanks!
What privileges does the OPNsense user need to have? I want to grant it only what is necessary but I cannot figure out which privilege controls access to fix this error: uri /api/diagnostics/system/system_information not accessible for user homarr
So far I have added these to the account but I cannot find one that mentions system_information and the OPNsense documentation hasn't been of much help
Yes, I agree, that's why I gave the "all pages" privilege, even if it irked me to do si while I was working on the widget. After it was finished, I tried to check what was needed, but I was unable to figure that out.
I made some progress: you can search the privilege list in the OPNsense GUI under System: Access: Privileges and found the only privilege needed is Lobby: Dashboard that gets past the connection test. After that I could add the app/integration, but the integration still fails. The firewall log still shows a similar error uri /api/diagnostics/system/systemResources not accessible for user homarr using api key but the closest on the firewall is actually /api/diagnostics/system/system_resources and in the Homarr log there is now: https://pastebin.com/DMr9q2pn
I'm now on OPNsense v25.7 so maybe the names in the api have been changed - I'd love to copy paste the entire table from the firewall so you can see it, but the GUI prevents me selecting anything from the table which is annoying
Pastebin
2025-08-05T11:14:17.692Z error: tRPC Error with query on 'widget.fi...
Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
Another privilege that's needed which I just spotted in the firewall log is Reporting: Traffic
I'm on 25.1.7, from what I can tell, OPNsense have recently updated to snake_case in V25.7 and Homarr is trying to access "/api/diagnostics/system/system_information" accordingly, however in privileges section, only the old endpoint uri "/api/diagnostics/system/systeminformation" (Note: no underscore) exists and is assigned to "Lobby: Dashboard". Doesn't look like the match rules in privileges can be modified. So until OPNsense fixes it people can just assign "All Pages" AND "System: Deny Config Write" to make everything available to homarr but read only just to be safe.
P.S. Just to be clear, both "systeminformation" and "system_information" exist and are accessible by users with "All Pages" privilege set. It's just that "system_information" that Homarr Integration is trying to use needs to be specifically defined in "Lobby: Dashboard" privilege uri match list.
P.S.2. I will try updating to latest build and update here if it resolves the issue without having to resort to workaround.
We recently merged a fix regarding this
Can you check the backlog? We use the route requiring less permissions now
I'm on v1.33.0 of homarr, seems to be latest.
Can confirm, issue fixed in OPNsense 25.7 (it now includes "/api/diagnostics/system/system_information" in the URI Matching for "Lobby: Dashboard" privilege.) So only 2 that need to be set are Lobby:Dashboard and Reporting: Traffic as per @Taomyn