Disable certain 2FA provider via occ

I’m trying to disable Two-Factor Authentication via Nextcloud notification via occ, because I keep getting this annoying (but non-breaking) error when I’m logging in
Screenshot_2020-02-24%20Haddock%20Cloud

So I went into my logs and found this error that kept popping up:

two-factor auth provider 'twofactor_nextcloud_notification' failed to load

So, I tried running this command to disable twofactor_nextcloud_notification:

./occ twofactorauth:disable username twofactor_nextcloud_notification

but it’s giving me this error

In ProviderManager.php line 54:
The provider 'twofactor_nextcloud_notification' does not exist'

So how do I go about disabling twofactor_nextcloud_notification?

Disable the app the right way:

./occ app:disable <app-name>

You can get the state for a user:
php occ twofactorauth:state user

And you get the right provider names. I’m not sure if you can disable all providers if you enforce the use of 2FA.

1 Like

I forgot to mention how that was how I originally got the twofactor_nextcloud_notfication name. When I do ./occ twofactorauth:state user, I get

Enabled providers:
- backup_codes
- totp
- twofactor_nextcloud_notification

That won’t work because Two-Factor Authentication via Nextcloud notification isn’t actually installed. It’s just still associated with my account, even after I disabled and removed it.

Now that you know what providers are enabled for the given user, you can run the command ./occ twofactor:disable <userid> <provider_id> to disable the provider for that user.

I.E. ./occ twofactor:disable user twofactor_nextcloud_notification

Well that is what he did, check the first post. Then it’s a bug?

His syntax looks different though, unless both can be used :thinking:

EDIT:

Other than that, I agree, it looks like a bug from that app (just like most apps) - They never clean up after themselves when you uninstall them.

I found something in the bug tracker, so it seems that you need to enable this authentication provider, or you cleanup:

... twofactorauth:cleanup <providerId>

3 Likes

That seems to have fixed it. Thanks! :grinning: