Nextcloud account provisioning

Hello,

I’m developing a device management backend app in nextcloud, for managing Sailfish OS phones.

Within this, I want to configure the nextcloud account on the managed device. Therefore my plan for the registering of a device is:

  1. The user presses a button in Nextcloud “Manage new Device”
  2. The nextcloud apps generates a device access token and generates a QR code (nextcloud url, username, access token), to configure the Sailfish MDM app (for nextcloud)
  3. The user scans the QR code with the MDM app on the phone, and the app set’s up the connection with the nextcloud backend

Using a managed device:
If the user decides to configure accounts (e.g. the nextcloud account) on the device, the nextcloud backend app, of course needs to know the passwords or the access tokens. Therefore, in my understing, we need to store the in the register phase generated access token permanently in the database, to deliver it to the MDM device, whenever needed.

Now I have to questions:

  • Is this thinking basesically correct or should it be handled in another way?
  • Is there an API to generaten an access token from an nextcloud app?

Hey,

If I understood you correctly, you should take a look at login flows: Login Flow — Nextcloud latest Developer Manual latest documentation

Also, Generation of QR code for app tokens is already part of Nextcloud itself (see settings → security). An example on how it is read can be found at talk-ios/NextcloudTalk/QRCodeLoginController.swift at master · nextcloud/talk-ios · GitHub