"Access Control Manager" provides a centralized interface for managing user permissions and access rights within Home Assistant. It allows administrators to create, assign, and customize roles, ensuring secure and streamlined control over who can interact with specific devices, automations, and dashboards in the smart home ecosystem.
To install Access Control Manager using HACS:
- Click the button above, or add this repository manually as a custom repository in HACS:
- Go to HACS → Integrations → Add Custom Repository.
- Enter the URL of this repository and select Integration as the category.
- Search for "Access Control Manager" in HACS and install it.
- Restart Home Assistant.
- Go to Settings → Devices & Services → Add Integration.
- Search for "Access Control Manager" and select it.
This section was added following this issue.
To set up custom access management, you need to follow these steps:
- Create a new group: Define a new group that will have specific permissions.
- Unassign the
Usersgroup: For the users you want to restrict, you must remove them from the defaultUsersgroup. As explained in the Home Assistant developer documentation, policies are merged, and theUsersgroup grants broad permissions by default. To apply restrictive policies, the user must not be a member of theUsersgroup. - Set permissions: Assign the desired permissions to the new group you have created.
The Label permissions section is a bulk-edit helper for entities, helpers, and devices that directly use a Home Assistant label. When you select read or write for a label, Access Control Manager applies that permission to the currently loaded matching entities and saves them as individual entity permissions.
This does not create a persistent Home Assistant label policy. If you add a new device or entity later and assign the same label to it, the new item will not automatically receive those permissions. Reopen the group permissions, apply the label permission again, and save to include new matching items.
| Option Name | Description | required | default Value |
|---|---|---|---|
| Tab Icon | Icon for the Access Control Manager tab, chosen from 23 MDI icons | No | mdi:shield-account |
| Tab Name | Name of the Access Control Manager tab. | No | Access Control Manager |
| Path for Admin UI | Custom URL path for accessing the admin interface | No | /ha-access-control-manager |
Access Control Manager exposes an async helper that other Home Assistant code can call to synchronize Lovelace dashboard visibility from the current ACM group dashboard permissions.
The helper is registered in hass.data when the integration is loaded:
from homeassistant.core import HomeAssistant
ACM_DOMAIN = "ha_access_control_manager"
SYNC_DASHBOARDS_API = "async_sync_group_dashboards_to_users"
async def async_update_dashboard_visibility(hass: HomeAssistant) -> None:
sync_dashboards = hass.data.get(ACM_DOMAIN, {}).get(SYNC_DASHBOARDS_API)
if sync_dashboards is None:
raise RuntimeError("Access Control Manager is not loaded")
await sync_dashboards(hass)This coroutine must be awaited from Home Assistant's event loop. It does not take a user or group argument; it syncs dashboard visibility for users based on the saved ACM group dashboard permissions.
-
Adding a message to confirm or display an error when we save 🚀
-
Search system to quickly find resources 🚀
-
Adding a function to sanitize url for path_to_admin_ui 🛠️
-
Improving error handling and code maintainability. 🛠️
If you want this component to support another language, feel free to submit a PR or create an issue. If you open an issue, I’ll gladly handle the translation for you! 😄
See CONTRIBUTORS.md for the full list of contributors.