Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can. 
The Basics
- Nextcloud Server version (e.g., 29.x.x):
- 33.0.0
- Operating system and version (e.g., Ubuntu 24.04):
- Ubuntu 22.04.5 LTS
- Web server and version (e.g, Apache 2.4.25):
- apache2 2.4.66-1+ubuntu22.04.1
- Reverse proxy and version _(e.g. nginx 1.27.2)
n/a
- PHP version (e.g, 8.3):
8.5
- Is this the first time you’ve seen this error? (Yes / No):
Yes
- When did this problem seem to first start?
after fresh install of 33.0.0
- Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
latest.zip -> /var/www
- Are you using CloudfIare, mod_security, or similar? (Yes / No)
No
Summary of the issue you are facing:
Creation of app passwords is impossible - required authentification fails consistently
Steps to replicate it (hint: details matter!):
-
Login as normal user “mike” (use browser’s password manager)
-
Go to User Icon → Settings → Security, scroll down
-
Add “Opensync” as App Name, click “Create new app password”
-
Popup opens “Authentication required - This action needs authentication, please confirm it by entering your password.”
-
Enter password (use password manager)
-
- Expected: Popup closes, App password is created
- Actual: Popup stays open, displays “wrong password”
Log entries
Nextcloud
Please provide the log entries from your Nextcloud log that are generated during the time of problem (via the Copy raw option from Administration settings->Logging screen or from your nextcloud.log located in your data directory). Feel free to use a pastebin/gist service if necessary.
{"reqId":"NiDJxUSOcmZ2erNWwWJB","level":2,"time":"2026-03-25T22:20:32+00:00","remoteAddr":"2a02:8071:73f1:4c80:2a62:c4b8:611b:ad04","user":"--","app":"core","method":"OPTIONS","url":"/remote.php/dav","scriptName":"/remote.php","message":"Login failed: 'mike' (Remote IP: '2a02:8071:73f1:4c80:2a62:c4b8:611b:ad04')","userAgent":"gnome-online-accounts/3.50.4 libsoup/3.4.4","version":"33.0.0.16","data":{"app":"core"},"id":"69c45fe64d5f1"}
Web Browser
If the problem is related to the Web interface, open your browser inspector Console and Network tabs while refreshing (reloading) and reproducing the problem. Provide any relevant output/errors here that appear.
n/a
Web server / Reverse Proxy
The output of your Apache/nginx/system log in /var/log/____:
<empty>
Configuration
Nextcloud
The output of occ config:list system or similar is best, but, if not possible, the contents of your config.php file from /path/to/nextcloud is fine (make sure to remove any identifiable information!):
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"wolke.fritz.box"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "33.0.0.16",
"overwrite.cli.url": "http:\/\/wolke.fritz.box",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"allow_local_remote_servers": true,
"logfile": "\/var\/log\/nextcloud.log",
"0": [
"tasks"
],
"defaultapp": "dashboard,files,photos",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_smtpsecure": "ssl",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauth": true,
"mail_smtpport": "465",
"mail_sendmailmode": "smtp",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": false,
"verify_peer": true,
"verify_peer_name": true
}
}
}
}
Apps
The output of occ app:list (if possible).
Enabled:
- activity: 6.0.0-dev.0
- app_api: 33.0.0
- bruteforcesettings: 6.0.0-dev.0
- calendar: 6.2.1
- cloud_federation_api: 1.17.0
- comments: 1.23.0
- contacts: 8.4.2
- contactsinteraction: 1.14.1
- dashboard: 7.13.0
- dav: 1.36.0
- federatedfilesharing: 1.23.0
- files: 2.5.0
- files_downloadlimit: 5.1.0-dev.0
- files_pdfviewer: 6.0.0-dev.0
- files_sharing: 1.25.2
- files_trashbin: 1.23.0
- files_versions: 1.26.0
- firstrunwizard: 6.0.0-dev.0
- logreader: 6.0.0
- lookup_server_connector: 1.21.0
- mail: 5.7.5
- notifications: 6.0.0
- oauth2: 1.21.0
- password_policy: 5.0.0-dev.0
- photos: 6.0.0-dev.0
- privacy: 5.0.0-dev.0
- profile: 1.2.0
- provisioning_api: 1.23.0
- recommendations: 6.0.0-dev.0
- related_resources: 4.0.0-dev.0
- serverinfo: 5.0.0-dev.0
- settings: 1.16.0
- sharebymail: 1.23.0
- support: 5.0.0
- systemtags: 1.23.0
- tasks: 0.16.1
- text: 7.0.0-dev.3
- theming: 2.8.0
- twofactor_backupcodes: 1.22.0
- twofactor_totp: 15.0.0-dev.0
- updatenotification: 1.23.0
- user_status: 1.13.0
- viewer: 6.0.0-dev.0
- weather_status: 1.13.0
- webhook_listeners: 1.5.0
- workflowengine: 2.15.0
Disabled: - admin_audit: 1.23.0
- circles: 33.0.0 (installed 33.0.0)
- encryption: 2.21.0
- federation: 1.23.0 (installed 1.23.0)
- files_external: 1.25.1
- files_reminders: 1.6.0 (installed 1.6.0)
- nextcloud_announcements: 5.0.0 (installed 5.0.0)
- survey_client: 5.0.0-dev.0 (installed 5.0.0-dev.0)
- suspicious_login: 11.0.0-dev.0
- twofactor_nextcloud_notification: 7.0.0
- user_ldap: 1.24.0
Tips for increasing the likelihood of a response
- Use the
preformatted textformatting option in the editor for all log entries and configuration output. - If screenshots are useful, feel free to include them.
- If possible, also include key error output in text form so it can be searched for.
- Try to edit log output only minimally (if at all) so that it can be ran through analyzers / formatters by those trying to help you.
