diff --git a/API.md b/API.md
index f3a6c0935..f15e7b374 100644
--- a/API.md
+++ b/API.md
@@ -381,6 +381,7 @@ Output is the raw Docker log.
     "port": "port for access hass",
     "ssl": "bool",
     "password": "",
+    "refresh_token": "",
     "watchdog": "bool",
     "startup_time": 600
 }
diff --git a/hassio/api/homeassistant.py b/hassio/api/homeassistant.py
index 0cda6dcdb..a86c8cf6d 100644
--- a/hassio/api/homeassistant.py
+++ b/hassio/api/homeassistant.py
@@ -123,7 +123,7 @@ class APIHomeAssistant(CoreSysAttributes):
     @api_process
     def start(self, request):
         """Start homeassistant."""
-        asyncio.shield(self.sys_homeassistant.start())
+        return asyncio.shield(self.sys_homeassistant.start())
 
     @api_process
     def restart(self, request):
diff --git a/hassio/api/utils.py b/hassio/api/utils.py
index eaedc7dbb..b3ce8a4db 100644
--- a/hassio/api/utils.py
+++ b/hassio/api/utils.py
@@ -1,6 +1,5 @@
 """Init file for HassIO util for rest api."""
 import json
-import hashlib
 import logging
 
 from aiohttp import web
@@ -94,9 +93,3 @@ async def api_validate(schema, request):
         raise RuntimeError(humanize_error(data, ex)) from None
 
     return data
-
-
-def hash_password(password):
-    """Hash and salt our passwords."""
-    key = ")*()*SALT_HASSIO2123{}6554547485HSKA!!*JSLAfdasda$".format(password)
-    return hashlib.sha256(key.encode()).hexdigest()
diff --git a/hassio/const.py b/hassio/const.py
index 79a11ebf5..4d34d1fc9 100644
--- a/hassio/const.py
+++ b/hassio/const.py
@@ -2,7 +2,7 @@
 from pathlib import Path
 from ipaddress import ip_network
 
-HASSIO_VERSION = '117'
+HASSIO_VERSION = '118'
 
 URL_HASSIO_ADDONS = "https://github.com/home-assistant/hassio-addons"
 URL_HASSIO_VERSION = \
diff --git a/hassio/homeassistant.py b/hassio/homeassistant.py
index 588d45ca1..d7b34a762 100644
--- a/hassio/homeassistant.py
+++ b/hassio/homeassistant.py
@@ -393,7 +393,7 @@ class HomeAssistant(JsonConfig, CoreSysAttributes):
                 headers[hdrs.AUTHORIZATION] = f'Bearer {self.access_token}'
 
             async with getattr(self.sys_websession_ssl, method)(
-                    url, timeout=timeout, json=json, headers=headers
+                    url, data=data, timeout=timeout, json=json, headers=headers
             ) as resp:
                 # Access token expired
                 if resp.status == 401 and self.refresh_token: