Can't embed second nextcloud with credentials of 2FA-enabled-account as external storage

Nextcloud version (eg, 20.0.5): 25.0.3
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04.1 LTS
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.52
PHP version (eg, 7.4): 8.1.2-1ubuntu2.10

The issue you are facing:
Can’t embed another nextcloud as external storage with credentials of an account that has 2FA enabled. Getting HTTP error code 401 (see below). As soon as I disable 2FA for the account, mounting the second nextcloud (or a folder therein) works without problems.
Shouldn’t this be possible with a browser window popping up asking me to provide a TOTP code, similar as with, say, the Nextcloud Windows client, where I can also connect accounts with 2FA this way?

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. go to admin settings → external storage
  2. try to connect to a second nextcloud using username and password of a given account
  3. if the account has 2FA enabled, this will fail and a red icon instead of a green one will show

The output of your Nextcloud log in Admin > Logging:

[no app in context] Warnung: OCP\Files\StorageInvalidException: Sabre\HTTP\ClientHttpException: Unauthorized at <<closure>>

 0. /var/www/nextcloud/lib/private/Files/Storage/DAV.php line xyz
 1. /var/www/nextcloud/lib/private/Files/Storage/DAV.php line xyz
 2. /var/www/nextcloud/lib/private/Files/Storage/Common.php line xyz
 3. /var/www/nextcloud/apps/files_external/lib/MountConfig.php line xyz
 4. /var/www/nextcloud/apps/files_external/lib/Controller/StoragesController.php line xyz
    OCA\Files_External\MountConfig::getBackendStatus("*** sensitive parameters replaced ***")
 5. /var/www/nextcloud/apps/files_external/lib/Controller/StoragesController.php line xyz
    OCA\Files_External\Controller\StoragesController->updateStorageStatus("*** sensitive parameters replaced ***")
 6. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line xyz
 7. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line xyz
 8. /var/www/nextcloud/lib/private/AppFramework/App.php line xyz
 9. /var/www/nextcloud/lib/private/Route/Router.php line xyz
10. /var/www/nextcloud/lib/base.php line xyz
11. /var/www/nextcloud/index.php line xyz

GET /apps/files_external/globalstorages/5?testOnly=true

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):


The corresponding line from /var/log/apache2/access.log:

ip_of_server_of_first_nextcloud - username_of_user_of_second_nextcloud_with_2fa_enabled [05/Feb/2023:14:56:30 +0100] "PROPFIND /remote.php/webdav/name_of_subfolder/ HTTP/1.1" 401 6420 "-" "sabre-dav/4.4.0 ("


Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.


welcome to the forum @regexreggae :handshake:

I don’t think you can use 2FA with Nextcloud external storage… but you can use “app passwords” - you can create such a password for not 2FA capable clients logging into you destination Nextcloud account > Personal Settings > Security (mycloud.tld/settings/user/security). You will get some GUID as password which is unique to this client and you can revoke access only for this device…

wow, super - this even works without having to disable 2FA for the respective account. Thanks!