# Omada API Authentication Notes

**Last Updated:** 2026-01-31  
**Document Version:** 1.0  
**Status:** Active Documentation

---

## Current Issue

The Omada Controller API `/api/v2/login` endpoint requires the **Omada Controller admin username and password**, not OAuth Client ID/Secret.

## OAuth Application Configuration

Your OAuth application is configured in **Authorization Code** mode, which requires user interaction and is not suitable for automated API access.

## Solutions

### Option 1: Use Admin Credentials (Recommended for Testing)

Update `~/.env` to use your Omada Controller admin credentials:

```bash
# For /api/v2/login endpoint - uses admin username/password
OMADA_CONTROLLER_URL=https://192.168.11.8:8043
OMADA_ADMIN_USERNAME=your-admin-username
OMADA_ADMIN_PASSWORD=your-admin-password
OMADA_SITE_ID=090862bebcb1997bb263eea9364957fe
OMADA_VERIFY_SSL=false
```

Note: The current code uses OMADA_API_KEY/OMADA_API_SECRET as username/password for `/api/v2/login`.

### Option 2: Switch to Client Credentials Mode

1. In Omada Controller: Settings → Platform Integration → Open API
2. Edit your application
3. Change **Access Mode** from "Authorization Code" to **"Client Credentials"**
4. Save changes
5. Then use Client ID/Secret with OAuth token endpoint (if available)

### Option 3: Use OAuth Token Endpoint

If your controller supports OAuth token endpoint, we need to:
1. Find the OAuth token endpoint URL
2. Update Authentication.ts to use OAuth2 token exchange instead of /api/v2/login

## Current Status

- Controller is reachable: ✓
- `/api/v2/login` endpoint exists: ✓
- Authentication fails with Client ID/Secret: ✗ (Expected - endpoint needs admin credentials)

## Next Steps

1. **For immediate testing**: Use admin username/password in ~/.env
2. **For production**: Consider switching OAuth app to Client Credentials mode
3. **Alternative**: Check Omada Controller documentation for OAuth token endpoint