Create OAUTH2-Clients endpoints with shell script/curl

Nextcloud version (eg, 20.0.5): replace me
Operating system and version (eg, Ubuntu 20.04): replace me
Apache or nginx version (eg, Apache 2.4.25): replace me
PHP version (eg, 7.4): replace me

The issue you are facing:
I run Nextcloud/NCP on my NVIDIA Jetson Nano. I would like to use Nextcloud as an OAuth2 provider. For the communication with the clients (mainly mobile devices), I want to automate the creation of the necessary client endpoint with a shell script. It fails with the error message “CSRF check failed” or “412 Precondition Failed”.

Is this the first time you’ve seen this error? (Y/N): Yes

Steps to replicate it:

  1. Start a shell on the Nextcloud server.
  2. Execute:
    curl -v -u "myadmin:mypassword" https://www.mynextcloud.com/index.php/apps/oauth2/clients -d '{"name":"myClient","redirectUri":"$redirectUri"}' -H "OCS-APIRequest: true" -H "Content-Type: application/json" -H "Accept: application/json"

The output of your Nextcloud log in Admin > Logging:

* Expire in 4 ms for 1 (transfer 0x55b1b0bf30)
*   Trying 999.999.999.999...
* TCP_NODELAY set
* Expire in 149993 ms for 3 (transfer 0x55b1b0bf30)
* Expire in 200 ms for 4 (transfer 0x55b1b0bf30)
* Connected to www.mynextcloud.com (999.999.999.999) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=balena.io
*  start date: Sep  3 00:00:00 2020 GMT
*  expire date: Oct  4 12:00:00 2021 GMT
*  subjectAltName: host "www.mynextcloud.com" matched cert's "*.mynextcloud.com"
*  issuer: C=US; O=...; OU=Server ... 1B; CN=...
*  SSL certificate verify ok.
* Server auth using Basic with user 'myadmin'
> POST /index.php/apps/oauth2/clients HTTP/1.1
> Host: www.mynextcloud.com
> Authorization: Basic secret
> User-Agent: curl/7.64.0
> OCS-APIRequest: true
> Content-Type: application/json
> Accept: application/json
> X-CSRF-Token:  secret
> Content-Length: 47
> 
* upload completely sent off: 47 out of 47 bytes
< HTTP/1.1 412 Precondition Failed
< cache-control: no-cache, no-store, must-revalidate
< content-length: 31
< content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
< content-type: application/json; charset=utf-8
< date: Mon, 22 Mar 2021 07:53:58 GMT
< expires: Thu, 19 Nov 1981 08:52:00 GMT
< feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
< pragma: no-cache
< referrer-policy: no-referrer
< server: Apache
< set-cookie: oc_sessionPassphrase=lakjföldfkj; path=/nc; secure; HttpOnly; SameSite=Lax
< set-cookie: nc_sameSiteCookielax=true; path=/nc; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
< set-cookie: nc_sameSiteCookiestrict=true; path=/nc; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
< set-cookie: oc1e1awjqj0t=4su5aitgmbvtku6n6rg5js0ktm; path=/nc; secure; HttpOnly; SameSite=Lax
< set-cookie: cookie_test=test; expires=Mon, 22-Mar-2021 08:54:01 GMT; Max-Age=3600
< strict-transport-security: max-age=15552000; preload
< x-content-type-options: nosniff
< x-download-options: noopen
< x-frame-options: SAMEORIGIN
< x-permitted-cross-domain-policies: none
< x-robots-tag: none
< x-xss-protection: 1; mode=block
< connection: keep-alive
< Vary: Accept-Encoding
< 
* Connection #0 to host www.mynextcloud.com left intact
{"message":"CSRF check failed"}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'passwordsalt' => 'secret',
  'secret' => 'very secret',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    5 => 'nextcloudpi.local',
    7 => 'www.mynextcloud.com',
    8 => 'nextcloudpi.lan',
    1 => '172.20.0.5',
    6 => 'sleep',
  ),
  'datadirectory' => '/data/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '20.0.8.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'ncdbadmin',
  'dbpassword' => 'veryverysecret=',
  'installed' => true,
  'installed' => true,
  'instanceid' => 'oc1e1awjqj0t',
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
    'timeout' => 0.0,
    'password' => 'secret',
  ),
  'tempdirectory' => '/var/www/nextcloud/data/tmp',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_from_address' => '....',
  'mail_domain' => '....',
  'preview_max_x' => '2048',
  'preview_max_y' => '2048',
  'jpeg_quality' => '60',
  'overwriteprotocol' => 'https',
  'maintenance' => false,
  'loglevel' => 2,
  'mail_sendmailmode' => 'smtp',
  'mail_smtphost' => 'smtp.....de',
  'mail_smtpport' => '587',
  'mail_smtpauth' => '1',
  'mail_smtpsecure' => 'tls',
  'mail_smtpname' => '.....de',
  'mail_smtppassword' => 'secret',
  'overwritewebroot' => '/nc',
  'auth.bruteforce.protection.enabled' => 'false',
  'csrf.disabled' => 'true',
  'theme' => '',
  'trusted_proxies' => 
  array (
    0 => 'https://www.mynextcloud.com',
  ),
);

The output of your Apache log in /var/log/apache2/error.log:

empty

The output of your Apache log in /var/log/apache2/other_vhosts_access.log:

localhost:80 172.20.0.2 - - [21/Mar/2021:20:01:37 +0000] "POST /index.php/apps/oauth2/clients/ HTTP/1.1" 302 1657 "-" "curl/7.64.0"
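
An added example, not part of the original post and not a fix for the CSRF error: in the curl command from the steps to replicate, `$redirectUri` sits inside single quotes, so the shell sends it literally, and `-u` puts the password on the command line. The sketch below builds the JSON body with the variable expanded and escaped, and hands the credentials to curl through a config read from stdin; the function names, `NC_USER`/`NC_PASS` and the sample redirect URI are assumptions.

```shell
#!/bin/sh
# Added example; function names and sample values are assumptions.

# Escape backslashes and double quotes so a value can sit inside "..." in a
# JSON body or a curl config file. Values with control characters are refused.
escape_dq() {
    clean=$(printf '%s' "$1" | tr -d '[:cntrl:]')
    if [ "$clean" != "$1" ]; then
        echo "control character in value" >&2
        return 1
    fi
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Build the request body with both values expanded by the shell.
oauth_client_body() {
    name=$(escape_dq "$1") || return 1
    uri=$(escape_dq "$2") || return 1
    printf '{"name":"%s","redirectUri":"%s"}' "$name" "$uri"
}

# Emit a curl config line carrying the credentials. Piped into
# `curl --config -`, they stay out of argv and shell history.
curl_auth_config() {
    user=$(escape_dq "$1") || return 1
    pass=$(escape_dq "$2") || return 1
    printf 'user = "%s:%s"\n' "$user" "$pass"
}

# Show the body as posted next to the expanded one (constructed sample URI).
demo() {
    redirectUri='https://client.example/callback'
    printf '%s\n' 'as posted: {"name":"myClient","redirectUri":"$redirectUri"}'
    printf 'expanded:  %s\n' "$(oauth_client_body myClient "$redirectUri")"
}
demo

# Request against the URL from the post (commented out: needs the server;
# NC_USER and NC_PASS are assumed to be set in the environment):
# curl_auth_config "$NC_USER" "$NC_PASS" |
#   curl --config - -H 'Content-Type: application/json' \
#        --data "$(oauth_client_body myClient "$redirectUri")" \
#        https://www.mynextcloud.com/index.php/apps/oauth2/clients
```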