OAuth2

Nextcloud allows connecting external services (for example Moodle) to your Nextcloud. This is done via OAuth2. See RFC6749 for the OAuth2 specification.

Note

Nextcloud does only support confidential clients.

Add an OAuth2 Application

Head over to your Administrator Security Settings. Here you can add a new OAuth2 client.

../_images/oauth2-settings.png

Enter the name of your application and provide a redirection url. You should now have a Client Identifier and Secret. Enter those into your OAuth2 client.

Please provide the OAuth2 application the following details:

Authorization endpoint: SERVER/apps/oauth2/authorize Token endpoint: SERVER/apps/oauth2/api/v1/token

Note that the SERVER portion must include index.php at the end if pretty URL is not configured.

The access token

The access token obtained is a so called Bearer token. Which means that for request to the Nextcloud server you will have to send the proper authorization header.

Authorization: Bearer <TOKEN>

Note that apache by default strips this. Make sure you have mod_headers, mod_rewrite and mod_env enabled.