I have Nextcloud behind traefik and authelia (all in docker)
I don’t want to use the 2fa within nextcloud but authelia with traefik (not authelia with oidc)
Everything is already working like a charm with a web browser
I type the url of my nextcloud instance (cloud.mydomain.tld), I am then redirected to authelia and once succesfully logged on authelia, I am then redirected to my nextcloud page
I am super happy with that
The problem comes when using the nextcloud android app
Because when I try to connect, nextcloud doesn’t show me the authelia screen
(app like OnlyOffice works great, showing me the authelia prompt directly in app)
I think you are talking about traefik forward auth? I have no glue if there are any drawbacks with it.
In my setup I’m running traefik, Nextcloud and Keycloak with OpenID and mobile apps work perfect. I think OpenID is the better choice for SSO integration. Forward auth is intended be a fallback if the application doesn’t support real SSO mechanics e.g. there is no chance to sign out from the application.
Could you share more details on how you integrated traefik/keycloak/nextcloud? What solutions/tutorial did you follow? Are you using a middleware for keycloak?