Problem or Use Case
Feature Request: Support JWT Auth for Local Honcho Instances
Title: Hermes honcho setup should support AUTH_JWT_SECRET for local (self-hosted) Honcho
Problem
When configuring Hermes against a self-hosted (local) Honcho instance, the honcho setup flow does not configure AUTH_JWT_SECRET, apparently treating JWT auth as a cloud-only feature. This forces users to disable AUTH_USE_AUTH entirely to run a local instance, leaving the Honcho API unauthenticated.
Expected behavior
AUTH_JWT_SECRET should be configurable regardless of whether the Honcho provider is cloud or local. JWT is a transport-agnostic auth mechanism and there's no architectural reason to restrict it to cloud deployments.
Current workaround
Set AUTH_USE_AUTH=false in the Honcho compose environment — which disables all authentication on the local instance.
Suggested fix
During hermes honcho setup, when the user selects a local/self-hosted provider, prompt for (or generate) an AUTH_JWT_SECRET the same way the cloud path does. Alternatively, document that users must set this manually and validate it during setup.
Impact
Users self-hosting Honcho who want authenticated API access have no supported path to configure it via Hermes tooling.
Proposed Solution
Suggested fix
During hermes honcho setup, when the user selects a local/self-hosted provider, prompt for (or generate) an AUTH_JWT_SECRET the same way the cloud path does. Alternatively, document that users must set this manually and validate it during setup.
Impact
Users self-hosting Honcho who want authenticated API access have no supported path to configure it via Hermes tooling.
Alternatives Considered
Current workaround
Set AUTH_USE_AUTH=false in the Honcho compose environment — which disables all authentication on the local instance.
Feature Type
Configuration option
Scope
Small (single file, < 50 lines)
Contribution
Debug Report (optional)
Problem or Use Case
Feature Request: Support JWT Auth for Local Honcho Instances
Title: Hermes honcho setup should support AUTH_JWT_SECRET for local (self-hosted) Honcho
Problem
When configuring Hermes against a self-hosted (local) Honcho instance, the honcho setup flow does not configure AUTH_JWT_SECRET, apparently treating JWT auth as a cloud-only feature. This forces users to disable AUTH_USE_AUTH entirely to run a local instance, leaving the Honcho API unauthenticated.
Expected behavior
AUTH_JWT_SECRET should be configurable regardless of whether the Honcho provider is cloud or local. JWT is a transport-agnostic auth mechanism and there's no architectural reason to restrict it to cloud deployments.
Current workaround
Set AUTH_USE_AUTH=false in the Honcho compose environment — which disables all authentication on the local instance.
Suggested fix
During hermes honcho setup, when the user selects a local/self-hosted provider, prompt for (or generate) an AUTH_JWT_SECRET the same way the cloud path does. Alternatively, document that users must set this manually and validate it during setup.
Impact
Users self-hosting Honcho who want authenticated API access have no supported path to configure it via Hermes tooling.
Proposed Solution
Suggested fix
During hermes honcho setup, when the user selects a local/self-hosted provider, prompt for (or generate) an AUTH_JWT_SECRET the same way the cloud path does. Alternatively, document that users must set this manually and validate it during setup.
Impact
Users self-hosting Honcho who want authenticated API access have no supported path to configure it via Hermes tooling.
Alternatives Considered
Current workaround
Set AUTH_USE_AUTH=false in the Honcho compose environment — which disables all authentication on the local instance.
Feature Type
Configuration option
Scope
Small (single file, < 50 lines)
Contribution
Debug Report (optional)