App Login Method?

📱 Desktop & mobile clients
1

What WEBDAV method is used for app login? I blocked /index.php/login from apache config but users are still able to log in from the app.

What endpoint/method do I need to block to prevent initial login from apps?

I see this in the logs as the first method called, but my understanding is that blocking the below endpoint would block all webdav calls, I only want to block login based on IP.
10.10.10.10 - user [19/May/2017:16:45:52 -0400] “HEAD /remote.php/webdav/ HTTP/1.1” 200 -

2

What you want to do is not possible without implementing a custom Nextcloud application that listens on the login hooks.

So at the moment you either need to implement such a feature yourself, or get someone else to implement it. As your posting history seems to indicate an enterprise usage: https://nextcloud.com/enterprise/