Skip to content

Commit cc3cc6c

Browse files
authored
Merge pull request #14734 from nextcloud/backport/14728/stable33
2 parents 430e4d9 + 8e349c1 commit cc3cc6c

1 file changed

Lines changed: 8 additions & 0 deletions

File tree

admin_manual/configuration_server/oauth2.rst

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,3 +41,11 @@ Security considerations
4141
Nextcloud ``OAuth2`` implementation currently does not support scoped access. This means that every token has full access to the complete account including read and write permission to the stored files. It is essential to store the ``OAuth2`` tokens in a safe way!
4242

4343
Without scopes and restrictable access it is not recommended to use a Nextcloud instance as a user authentication service.
44+
45+
Skipping pre-login warning
46+
--------------------------
47+
48+
In Nextcloud default ``OAuth2`` flow, a confirmation step is shown before login if the user is not yet logged-in, and a second one is shown after login.
49+
To skip the pre-login one for a trusted application, the configuration option ``skipAuthPickerApplications`` can be set through occ::
50+
51+
sudo -E -u www-data php occ config:app:set oauth2 skipAuthPickerApplications --type array --value '["myapplication"]'

0 commit comments

Comments
 (0)