Embed credentials on Blue Iris Web Server URL

Discussion in 'Blue Iris' started by technet, Dec 23, 2015.

Share This Page

  1. technet

    technet Getting the hang of it

    Joined:
    Dec 25, 2014
    Messages:
    118
    Likes Received:
    15
    Hello everyone,

    We would like to know if it is possible to embed Blue Iris credentials in a URL, as sometimes it is really needed.


    Something like http://user:password@server.tld:9090 isn't accepted on Blue Iris, and it works on many other webservers including on IP cameras, which allows us to automate some functions like PTZ with a single http get request.


    [​IMG]
     
  2. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    I think it is possible, but it is undocumented ... and I don't remember the syntax. Please report back if you find out (maybe ask the developer of Blue Iris).
     
  3. technet

    technet Getting the hang of it

    Joined:
    Dec 25, 2014
    Messages:
    118
    Likes Received:
    15
    I've asked him already, waiting for the reply.
     
  4. technet

    technet Getting the hang of it

    Joined:
    Dec 25, 2014
    Messages:
    118
    Likes Received:
    15
    You'll have to disable "secure only" on Options/Web server, so you can add to the URL:

    ?user=user&pw=password
     
    Mike and bp2008 like this.
  5. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    Thanks. I've bookmarked this thread so I can remember :)
     
  6. Mike

    Mike Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    2,446
    Likes Received:
    1,597
    Location:
    New York
    You can always "Subscribe" to it with no notifications, that's what I do :)
     
  7. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    Yes, but I automatically subscribe with notifications to every thread I post in... so I have a stupid number of subscriptions :)
     
  8. Rhys Evans

    Rhys Evans n3wb

    Joined:
    Jul 9, 2015
    Messages:
    8
    Likes Received:
    1
    this doesnt seem to work with UI3, is there a new way to add to the url extension so no login/pw required?
     
  9. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    This still works just as described above. The existence of ui3 files in the web server folder is of no consequence.
     
  10. gleep52

    gleep52 Young grasshopper

    Joined:
    Sep 8, 2014
    Messages:
    66
    Likes Received:
    3
    Where is the "Secure only" option located in recent versions of Blue Iris? Was it renamed? I'm trying to pass credentials to login to ui3.htm as well as a direct camera feed and it does not work...

    http://server.domain.com:8081/ui3.htm?user=admin&pw=password

    It takes us to our login page, but does not enter the credentials or continue... etc. Just stays at a blank filled login ui3 page...
     
    TonyR likes this.
  11. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    Blue Iris Options > Web server > Advanced. It is a checkbox called "Use secure session keys and login page".
     
  12. gleep52

    gleep52 Young grasshopper

    Joined:
    Sep 8, 2014
    Messages:
    66
    Likes Received:
    3
    If I disable that - it doesn't even ask for a username or password at all...? Is that expected behavior? Tried on a brand new VM that's never even logged into BI at all... (not passing username or password, just let me right into the camera feed). I have "Require from" set to "All connections" and unchecked "Use secure session keys and login page". But when I go to http://server:port/ui3.htm it logs straight in without any prompting - I don't even know what user it's logging in with??
     
  13. bp2008

    bp2008 Staff Member

    Joined:
    Mar 10, 2014
    Messages:
    8,744
    Likes Received:
    5,804
    That is strange @gleep52 . You can look in Blue Iris Status > Connections to see which user it is using.
     
  14. erkme73

    erkme73 Getting comfortable

    Joined:
    Nov 9, 2014
    Messages:
    836
    Likes Received:
    395
    While this may be wholly inapplicable to the request, I thought it might be a good time to remind anyone reading this thread that you can specify specific client IP addresses blanket admin access w/o the need to supply credentials at all. This, of course, wouldn't be useful if you are trying to limit users to specific permissions, or if you're reaching your BI server from outside the LAN. Where it is particularly useful is if you're using a 3rd-party client (i.e. Roku IP camera viewer, or a home automation controller) that is on the LAN, and you don't want to supply that device with ANY credentials that could be sent 'home' to the developer. It effectively puts the local IP on a whitelist. It can be found under global settings, web server, advanced button, "limit IP addresses" box, add LAN IP with a carrot ^ ahead of IP.

    I have multiple Roku TVs with static IP addresses (as well as a VERA home controller that triggers BI alerts) which all require access to BI. By adding each IP with the ^ symbol, I simply leave the UN/PW credentials blank (or don't add them to the URL). Works great.
     
    gregbert, TonyR and Mike A. like this.
  15. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,858
    Likes Received:
    3,637
    Location:
    Alabama
    Thanks for the timely reminder, I have found this info useful ever since you revealed it back in June of 2017 in the thread "Check your BI logs for logins from unknown IPs".

    And thanks for the carrot....er.... caret! :D
     
    Last edited: May 18, 2019
    th182 likes this.
  16. erkme73

    erkme73 Getting comfortable

    Joined:
    Nov 9, 2014
    Messages:
    836
    Likes Received:
    395
    Eh, even a blind bunny finds one every now and then ....
     
    TonyR likes this.