iOS App Fails to Connect Remotely via Cloudflare Tunnel After Successful 2FA - NSCocoaErrorDomain 3840 #3511
Comments
|
The problem also exists on iPad and iPhone 12, but on Android with the same parameters this problem does not exist. |
|
Thanks for reporting the issue, just to double check, when you say "2FA" you mean Home Assistant 2FA right (like in the image below)? Not another layer of protection from cloudflare, correct?
Also please reproduce the issue once again, export the logs and submit here: https://forms.gle/Uoqz127Phx4mMTpS6 |
|
@bgoncal Thanks! I can reproduce the issue and submit logs via the form. Could you please clarify:
I'll send them as soon as I know exactly what's needed. Thanks |
|
It’s the companion app logs inside companion app settings >> debugging >> export logs |
|
@bgoncal I have reproduced the issue and submitted the companion app logs via the Google Form link you provided earlier. Let me know if you need anything else. Thanks |
|
Can you confirm what I asked above? When you say 2FA you mean Home Assistant 2FA or cloudflare's? |
|
Home Assistant 2FA |
|
I got your cloudflare URL from the logs and tried to reach out on the browser, then I got this (image). The App does not support URL's with secondary authentication, as soon as the App tries to reach the URL it needs to redirect directly to Home Assistant, otherwise it wont work.
|
|
Thanks so much for looking into the URL and identifying the secondary authentication issue. I really appreciate your help with this. I've double-checked the Cloudflare settings based on your feedback. You are correct; setting up the application seems to force the selection of an identity provider, and I wasn't able to find an option to disable or bypass this step. Just to reiterate, the only reason I am using Cloudflare is to provide remote access to my Home Assistant instance via the tunnel. Considering the iOS app cannot handle the identity provider selection screen, what would be the correct way to configure the Cloudflare Tunnel and Application settings so that it presents Home Assistant directly to the app without this intermediate step? Any guidance you could provide on the necessary Cloudflare setup would be fantastic. Thank you! |
|
Hey @Elad-Hanania , I cannot provide instructions from custom configurations, but I have configured cloudflare in the past (and still have one enabled) and it didn't ask me for any secondary authentication, so perhaps follow the instructions from the cloudflared add-on again to see if you missed something |
|
Hi! If I understand correctly this is the setup I've been using for around a year and never had a problem with it. If you want to disable this 2FA, assuming you set it up the same way I did, you can follow these steps: Log into your Cloudflare account, go to Zero Trust>Settings>Authentication. |
Model Name: Iphone 14
Software Version: 18.3.2
App version: 2025.2
Home Assistant Core Version: 2025.3.4
The official Home Assistant iOS app fails to connect when outside the local network via a Cloudflare Tunnel setup, despite successful access through web browsers (both desktop and mobile) under the same conditions. The app allows login with username and password, followed by a successful two-factor authentication (2FA) step where the code from the authenticator app is entered. Immediately after successfully submitting the 2FA code, the app displays the error: "The data couldn’t be read because it isn’t in the correct format." with Error Code: NSCocoaErrorDomain 3840. The app connects successfully when the iOS device is on the local Wi-Fi network.
To Reproduce
Set up a Home Assistant container and a cloudflared container on the same machine.
Configure a Cloudflare Tunnel to expose the Home Assistant instance to a public domain.
Ensure remote access to the Home Assistant instance via a web browser (both on desktop and a mobile device outside the local network) is working through the Cloudflare Tunnel, including successful 2FA if enabled in your browser setup.
Open the official Home Assistant iOS app while the iOS device is not connected to the local Wi-Fi network.
Enter the correct username and password on the login screen.
If 2FA is enabled, enter the correct code from your authenticator app on the subsequent screen.
Observe the error message: "The data couldn’t be read because it isn’t in the correct format." with Error Code: NSCocoaErrorDomain 3840 appearing immediately after successfully submitting the 2FA code.
Expected behavior
The Home Assistant iOS app should successfully connect to the Home Assistant instance when outside the local network via the Cloudflare Tunnel after entering the correct credentials and completing the 2FA process, similar to the successful web browser access. The user should be able to access the Home Assistant dashboard and control their devices.
Additional context
Home Assistant is running in a Docker container.
The cloudflared tunnel container is configured on the same machine as the Home Assistant container.
Accessing Home Assistant via a web browser (both desktop and mobile) through the Cloudflare Tunnel works without any issues when outside the local network, including successful 2FA if enabled.
The iOS app connects successfully when the device is on the local Wi-Fi network (using the local IP address or hostname).
The issue seems to occur specifically during the data loading phase after successful authentication and 2FA completion within the iOS app when connected remotely via the Cloudflare Tunnel.
The text was updated successfully, but these errors were encountered: