User management? or 'View Only' mode? Best Practices?

[srvoets]

I've been using Frigate for a few months now and LOVE it. I only wish I found it before I spent $70 on a blue iris license. Im running it in unraid, and I recently setup organizr to handle ombi requests for my friends that I rent rooms to. Id like to give them VIEW ONLY access to the streams, and put it as a tab in organizr. Organizr is nginx reverse proxied with a personal domain, I dont really want to put the full frigate interface out onto the internet (all cameras are outdoor, so its not like the inside of the home is exposed but nonetheless)

Is there a good and SECURE way to give my housemates access to the live streams/event history? I debated maybe a locked-down home assistant lovelace dashboard, but there's quite a delay in what HA shows whereas when I view it in Frigate it seems to be near real-time.

I have wireguard on my phone, but I dont want to make them install a VPN profile if I can get it into organizr which at least requires authentication.

[blakeblackshear]

Personally, I expose frigate on its own subdomain behind traefik with google authentication. I have also used oauth2_proxy in the past. A third option would be to put a simple nginx proxy with basic authentication in front of frigate.

[srvoets]

I debated the oroxy w/ authentication, but ideally organizer would be the authentication, IE once you sign into organizr frigate is logged into/loaded

[blakeblackshear]

It looks like you can use organizr for authentication like you want based on these docs https://docs.organizr.app/books/setup-features/page/serverauth

[srvoets]

After reading your first reply I started looking into oAuth and found the document you just linked. Im in a little over my head but im sure Ill get it running eventually.

[sandstormkeshav]

Do not mean to hijack but I know that the debug page shows the credentials for cameras, is there a way we can turn this off or hide it?