Nextcloud allows connecting external services (for example Moodle) to your Nextcloud.
This is done via
OAuth2. See RFC6749 for the
Nextcloud does only support confidential clients.
Add an OAuth2 Application¶
Head over to your Administrator Security Settings. Here you can add a new
Enter the name of your application and provide a redirection url.
You should now have a Client Identifier and Secret. Enter those into your
Please provide the OAuth2 application the following details:
- Authorization endpoint:
- Token endpoint:
Note that you must include
index.php if pretty URL is not configured - i.e.
The access token¶
The access token obtained is a so called Bearer token. Which means that for request to the Nextcloud server you will have to send the proper authorization header.
Authorization: Bearer <TOKEN>
Note that apache by default strips this. Make sure you have
OAuth2 implementation currently does not support scoped access. This means that every token has full access to the complete account including read and write permission to the stored files. It is essential to store the
OAuth2 tokens in a safe way!
Without scopes and restrictable access it is not recommended to use a Nextcloud instance as a user authentication service.