docs/11-references/OMADA_AUTH_NOTE.md

# Omada API Authentication Notes

**Last Updated:** 2026-01-31  
**Document Version:** 1.0  
**Status:** Active Documentation

---

## Current Issue

The Omada Controller API `/api/v2/login` endpoint requires the **Omada Controller admin username and password**, not OAuth Client ID/Secret.

## OAuth Application Configuration

Your OAuth application is configured in **Authorization Code** mode, which requires user interaction and is not suitable for automated API access.

## Solutions

### Option 1: Use Admin Credentials (Recommended for Testing)

Update `~/.env` to use your Omada Controller admin credentials:

```bash
# For /api/v2/login endpoint - uses admin username/password
OMADA_CONTROLLER_URL=https://192.168.11.8:8043
OMADA_ADMIN_USERNAME=your-admin-username
OMADA_ADMIN_PASSWORD=your-admin-password
OMADA_SITE_ID=090862bebcb1997bb263eea9364957fe
OMADA_VERIFY_SSL=false
```

Note: The current code uses OMADA_API_KEY/OMADA_API_SECRET as username/password for `/api/v2/login`.

### Option 2: Switch to Client Credentials Mode

1. In Omada Controller: Settings → Platform Integration → Open API
2. Edit your application
3. Change **Access Mode** from "Authorization Code" to **"Client Credentials"**
4. Save changes
5. Then use Client ID/Secret with OAuth token endpoint (if available)

### Option 3: Use OAuth Token Endpoint

If your controller supports OAuth token endpoint, we need to:
1. Find the OAuth token endpoint URL
2. Update Authentication.ts to use OAuth2 token exchange instead of /api/v2/login

## Current Status

- Controller is reachable: ✓
- `/api/v2/login` endpoint exists: ✓
- Authentication fails with Client ID/Secret: ✗ (Expected - endpoint needs admin credentials)

## Next Steps

1. **For immediate testing**: Use admin username/password in ~/.env
2. **For production**: Consider switching OAuth app to Client Credentials mode
3. **Alternative**: Check Omada Controller documentation for OAuth token endpoint
Refactor code for improved readability and performance 2025-12-21 22:32:09 -08:00			`# Omada API Authentication Notes`

docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates - ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands - CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround - CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check - NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere - MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates - LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-12 15:46:57 -08:00			`Last Updated: 2026-01-31`
			`Document Version: 1.0`
			`Status: Active Documentation`

			`---`

Refactor code for improved readability and performance 2025-12-21 22:32:09 -08:00			`## Current Issue`

			The Omada Controller API `/api/v2/login` endpoint requires the Omada Controller admin username and password, not OAuth Client ID/Secret.

			`## OAuth Application Configuration`

			`Your OAuth application is configured in Authorization Code mode, which requires user interaction and is not suitable for automated API access.`

			`## Solutions`

			`### Option 1: Use Admin Credentials (Recommended for Testing)`

			Update `~/.env` to use your Omada Controller admin credentials:

			```bash
			`# For /api/v2/login endpoint - uses admin username/password`
			`OMADA_CONTROLLER_URL=https://192.168.11.8:8043`
			`OMADA_ADMIN_USERNAME=your-admin-username`
			`OMADA_ADMIN_PASSWORD=your-admin-password`
			`OMADA_SITE_ID=090862bebcb1997bb263eea9364957fe`
			`OMADA_VERIFY_SSL=false`
			```

			Note: The current code uses OMADA_API_KEY/OMADA_API_SECRET as username/password for `/api/v2/login`.

			`### Option 2: Switch to Client Credentials Mode`

			`1. In Omada Controller: Settings → Platform Integration → Open API`
			`2. Edit your application`
			`3. Change Access Mode from "Authorization Code" to "Client Credentials"`
			`4. Save changes`
			`5. Then use Client ID/Secret with OAuth token endpoint (if available)`

			`### Option 3: Use OAuth Token Endpoint`

			`If your controller supports OAuth token endpoint, we need to:`
			`1. Find the OAuth token endpoint URL`
			`2. Update Authentication.ts to use OAuth2 token exchange instead of /api/v2/login`

			`## Current Status`

			`- Controller is reachable: ✓`
			- `/api/v2/login` endpoint exists: ✓
			`- Authentication fails with Client ID/Secret: ✗ (Expected - endpoint needs admin credentials)`

			`## Next Steps`

			`1. For immediate testing: Use admin username/password in ~/.env`
			`2. For production: Consider switching OAuth app to Client Credentials mode`
			`3. Alternative: Check Omada Controller documentation for OAuth token endpoint`