Request to Restore API Key Authentication for Token Generation

[Tux7501 1]

Hello Team,

I am reaching out to highlight an issue that has become a significant roadblock in our workflow, especially since the update past version 4.8.0.39.

Prior to Emby Server version 4.8.0.39, I relied heavily on the ability to use the `/Authenticate` or `/AuthenticateByName` endpoints with an API key to generate access tokens for users. This method was indispensable to our infrastructure, streamlining our process and making user management efficient. However, with recent updates, this functionality has been removed or changed, causing significant disruptions to our operations.

The ability to authenticate by name with just an API key allowed us to bypass the need for individual passwords in specific controlled scenarios. This feature was essential for our setup, where dynamic user token generation was key. The removal of this feature has left us in a challenging position, and as of now, we are finding it increasingly difficult to use Emby viably.

I must admit, I am not versed in C# programming. I've heard from fellow community members that it might be possible to reintroduce this functionality via a custom plugin. However, crafting such a solution is beyond my current skill set. If anyone in this wonderful community is proficient in C# and familiar with Emby's plugin architecture, I would greatly appreciate any assistance or guidance in developing a solution. It would be a lifesaver for operations like ours.

Thank you all for your time and understanding. I hope we can find a solution together. Emby has been an incredible platform, and with your help, I hope to continue using it seamlessly.

[ebr 14339]

Hi.  How are you using Emby?

[Tux7501 1]

We have it integrated with our website which uses SQL backend for authentication. Then the Emby API is hit via PHP to talk to the Emby server and create access tokens for that user. We did this to avoid users logging in twice (once to the website and again to my media server to play videos).

[ebr 14339]

Right, but what is your website and who are your users?

[Tux7501 1]

I am not comfortable with sharing this information. It is not important to the request either.

Can we please discuss this request only?

[ebr 14339]

12 minutes ago, Tux7501 said:

I am not comfortable with sharing this information.

You can PM it to me.

12 minutes ago, Tux7501 said:

It is not important to the request either.

It is important to our terms of use.

[Tux7501 1]

Yes, I am aware and I am following the TOS. I simply want to know if this functionality will return to the Emby API.

[ebr 14339]

We would want to see a fairly common, legitimate use-case for it within our terms of use.  That's why I'm asking for details.

Thanks.

[Tux7501 1]

I run the server...control the database...and have an API key...I should be able to generate access tokens for users. I don't see the issue here nor do I think the discussion we are having is constructive. Just close my request. I am going to use Jellyfin.

[Luke 34614]

I'm surprised this was even possible. What was your exact url and param set that you were using?