Skip to content

Commit 8e349c1

Browse files
come-ncbackportbot[bot]
authored andcommitted
feat: Document oauth2 setting 'skipAuthPickerApplications'
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 parent 5a820d0 commit 8e349c1

1 file changed

Lines changed: 8 additions & 0 deletions

File tree

admin_manual/configuration_server/oauth2.rst

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,3 +41,11 @@ Security considerations
4141
Nextcloud ``OAuth2`` implementation currently does not support scoped access. This means that every token has full access to the complete account including read and write permission to the stored files. It is essential to store the ``OAuth2`` tokens in a safe way!
4242

4343
Without scopes and restrictable access it is not recommended to use a Nextcloud instance as a user authentication service.
44+
45+
Skipping pre-login warning
46+
--------------------------
47+
48+
In Nextcloud default ``OAuth2`` flow, a confirmation step is shown before login if the user is not yet logged-in, and a second one is shown after login.
49+
To skip the pre-login one for a trusted application, the configuration option ``skipAuthPickerApplications`` can be set through occ::
50+
51+
sudo -E -u www-data php occ config:app:set oauth2 skipAuthPickerApplications --type array --value '["myapplication"]'

0 commit comments

Comments
 (0)