I would like to use my self-hosted ntfy instance with KUnifiedPush. But it doesn’t work. I always get a forbidden-error. I guess the reason is that the server requires authentification. But unified push should always work (anonymous has write-only access to topic up*)* and in fact it does work for all my other use cases (Matrix for example). So is this a known limitation/issue with kunifiedpush, or should it work?
Since you host your own ntfy server, have you already had a look at the access log which request is actually failing with the forbidden error code?
Good point. I see messages like this in the ntfy log:
Jan 20 10:34:48 myhost ntfy[851892]: 2026/01/20 10:34:48 DEBUG HTTP request started (http_method=GET, http_path=/upezE5NTdkNWU3,upezdjMWYyZGIx/sse?up=1&since=all, tag=http, visitor_auth_limiter_limit=0.016666666666666666, visitor_auth_limiter_tokens=30, visitor_id=ip:xxxx:xxx:xxxx:xxx::, visitor_ip=xxxx:xxx:xxxx:xxx::211, visitor_messages=1, visitor_messages_limit=17280, visitor_messages_remaining=17279, visitor_request_limiter_limit=0.2, visitor_request_limiter_tokens=60, visitor_seen=2026-01-20T10:34:48.378+01:00)
Jan 20 10:34:48 myhost ntfy[851892]: 2026/01/20 10:34:48 DEBUG Access to topic upezE5NTdkNWU3 not authorized (error=unauthorized, http_method=GET, http_path=/upezE5NTdkNWU3,upezdjMWYyZGIx/sse?up=1&since=all, tag=http, topic=upezE5NTdkNWU3, topic_last_access=2026-01-20T10:28:13.314+01:00, topic_subscribers=0, visitor_auth_limiter_limit=0.016666666666666666, visitor_auth_limiter_tokens=30, visitor_id=ip:xxxx:xxx:xxxx:xxx::, visitor_ip=xxxx:xxx:xxxx:xxx::211, visitor_messages=1, visitor_messages_limit=17280, visitor_messages_remaining=17279, visitor_request_limiter_limit=0.2, visitor_request_limiter_tokens=59.0000810658, visitor_seen=2026-01-20T10:34:48.378+01:00)
Jan 20 10:34:48 myhost ntfy[851892]: 2026/01/20 10:34:48 DEBUG Connection closed with HTTP 403 (ntfy error 40301) (error=forbidden, error_code=40301, http_method=GET, http_path=/upezE5NTdkNWU3,upezdjMWYyZGIx/sse?up=1&since=all, http_status=403, tag=http, topic=upezE5NTdkNWU3, topic_last_access=2026-01-20T10:28:13.314+01:00, topic_subscribers=0, visitor_auth_limiter_limit=0.016666666666666666, visitor_auth_limiter_tokens=30, visitor_id=ip:xxxx:xxx:xxxx:xxx::, visitor_ip=xxxx:xxx:xxxx:xxx::211, visitor_messages=1, visitor_messages_limit=17280, visitor_messages_remaining=17279, visitor_request_limiter_limit=0.2, visitor_request_limiter_tokens=59.0000891912, visitor_seen=2026-01-20T10:34:48.378+01:00)
Jan 20 10:34:48 myhost ntfy[851892]: 2026/01/20 10:34:48 DEBUG HTTP request finished (http_method=GET, http_path=/upezE5NTdkNWU3,upezdjMWYyZGIx/sse?up=1&since=all, tag=http, time_taken_ms=0, visitor_auth_limiter_limit=0.016666666666666666, visitor_auth_limiter_tokens=30, visitor_id=ip:xxxx:xxx:xxxx:xxx::, visitor_ip=xxxx:xxx:xxxx:xxx::211, visitor_messages=1, visitor_messages_limit=17280, visitor_messages_remaining=17279, visitor_request_limiter_limit=0.2, visitor_request_limiter_tokens=59.0000992966, visitor_seen=2026-01-20T10:34:48.378+01:00)
But I can send messages via curl to the server as UnidfiedPush-topics (up*) without any problems (and without authentication). So, anonymous does have write-only access to topics starting with “up”. I double-checked that.
KUnifiedPush cannot authenticate yet on ntfy instances that have access control enabled.
This should become available in 26.04 though: Add ntfy.sh basic and token authentication support (!35) · Merge requests · Libraries / KUnifiedPush · GitLab
1 Like