Authentication for mobile apps


I’m working on a little mobile app that would like to authenticate with nextcloud and not have anything to do with the user’s own nextcloud password. Apps like passman actually just send and recieve the password in the clear, which I’d really like to not do.

I’ve noticed there is a lowish level authentication api that forwards to a given uri once done, but on a mobile device its likely that it’ll be handled by the nextcloud app itself and I don’t want to get in its way. The other option is Oauth2 but I really don’t want to force people to register a new Oauth2 app in the nextcloud settings manually.

Is there some preffered way to do what I’d like to do? Can a nextcloud app (in php) auto register an oauth2 app? Or is there a better way? Maybe just ask the nextcloud app itself to authenticate us? I so far haven’t noticed anything I can use to do what I want.