My wife is getting Access forbidden Message when she tries to log in through the iOS app. She can log in via web interface successfully. I can log into my account via iOS app.
I cant figure out what the issue is. She has gotten to a login point that says âgrant accessâ. She click âgrant accessâ then is logged out. When she goes to log back in she gets the access forbidden message.
Any clue?
does anyone have a guess?
Can you fill out the template
Maybe set loglevel to debug.
Have you looked for the error? Iâve found a lot about it.
Are you using the same browser, same iOS?
And have a little patience
I am also facing the exact issue. This is occurring on both type of devices, Android and IOs. Running Nexcloud v 30.0.8 docker and nginx proxy also docker.
This worked for me on the Android as a workaround. Logged in to the default web browser (Firefox in my case), then attempted to long into the Nextcloud app. It automatically said authentication granted as I was already successfully logged in. Not having good luck with IOS.
Hi!
Iâm facing the same issue with my girlfriends iPhone. I used an app password and this worked. Maybe it helps 
Confirmed I this worked for me as well.
in my case this was fixed adding âoverwriteprotocolâ to the config.php:
config/config.php
<?phpIâm also having this very same problem. The fix that @Johanfire suggested does not work for me as this is already present within config.php.
Iâm trying to debug but itâs difficult as it only happens on iOS and I donât have an iPhone to hand.
Try waiting 1 minute between each step during the login. I had this issue back in Nextcloud 29 I believe and that solved it.
I dont know. This is not something that I have control over as other people are the ones logging in⊠Need to find a robust solution to this problem.
Could you forward these instructions to them? Iâd love to know if it works still.
Right but itâs not one user. There will be many people using this with iOS app so itâs not really a solution to the problem.
I have this same issue, background of my issue - I was using my main domain and authenticating via iOS app which worked fine for quiet awhile with the config.php having an insert of âoverwriteprotocolâ => âhttpsâ,. However I decided to move my NC to a subdomain. When I tried authenticating my iOS app âState token Missingâ keeps coming up. I tried asking AI to verify the logs, and stated:
The repeated 404 Not Found errors on /login/v2/poll along with the âstate token missingâ message strongly suggest that something is blocking or misrouting the request to the Nextcloud login endpoint.
So far its suggestions havenât really given me any positive results.
Edit: Iâm running 31.0.2 from a âregularâ repo not the AIO
What version of Nextcloud server are you running? Is it the All-in-one distribution?
I donât have a device but have tested in the iOS simulator and had similar repeated 404 errors for that endpoint. Looking at the docs, this is how the auth works: Login Flow â Nextcloud latest Developer Manual latest documentation App polls the endpoint with the token until it returns after logging in.
However, when reaching the âAccount connectedâ page after logging in, the 404 auth poll persists. At that point I am assuming it should return the json payload with appPassword as the docs mention but get nothing. Pressing back button goes back to asking for hostname.
Github Issue I opened: State token missing (Login Flow V2) · Issue #3403 · nextcloud/ios · GitHub
Update 1: Iâve checked the poll_token in oc_login_flow_v2 DB table on server and it doesnât exist.
So either server is not creating it when it should or iOS app is not initialising the flow correctly.
Update 2: If I manually create an app token it is apparently not a valid password in the iOS app.
Update 3: I think it is [Bug]: Can't login from iOS client app · Issue #50619 · nextcloud/server · GitHub resolved by fix(base.php): Correct order for booting \OC\Server by nickvergessen · Pull Request #51361 · nextcloud/server · GitHub but I only deployed my instance a few days ago. Need to check actual fix version
An error occurred: Body is too short (minimum is 10 characters)
I did some investigation last night and found that HTTP/3 was being utilized by the Caddy instance within the Apache container.
There was a few responses from the server that were interrupted and, not knowing how to debug HTTP/3 sufficiently, decided to disable it.
Because Apache container is read-only, I couldnât edit the Caddyfile, so in docker-compose.yml, I uncommented APACHE_PORT and the block for caddy and ran it as a separate container.
Then in the config content for Caddyfile in the compose yml, I added the following right above the vhost:
{
server {
protocols {
h1 h2
}
}
}
This has solved the problem I had with the iOS simulator, but I cannot fully verify it has fixed the âState token invalidâ issue until I see my colleague next week to clear browser cache (I believe this is now the culprit after fixing the main problem)
Hope that helps. Would be interesting to know how you get on as I think it would be worth adjusting the default AIO config to disable HTTP/3 if its causing problems for a lot of people. I can only assume this was added recently in newer iOS/Alamofire library and/or Caddy server (though I think in the latter it was already supported for awhile)
I had the same issue just today. To get it working again, I did the following:
Thank dwi. It works for me.
This did not fix the âState token missingâ error. Ultimately I think there is a bug somewhere but canât debug as I donât have access to the device which is causing the issue⊠aaaaand I canât keep pestering the person to try this or thatâŠ