We’re trying to develop an ASP NET Core web API which lets users authenticate through Azure AD and would like to retrieve files from NextCloud on behalf of this Azure AD user. Our infrastructure is composed of an Ubuntu server running NextCloud 12, a Windows Server running the ASP NET Core web API and an Azure Active Directory instance with Azure AD Domain Services. Signing in through NextCloud using LDAP (provided by AAD Domain Services) works without any issues.
We’ve been trying out SSO with SAML in addition to LDAP but we keep seeing this error message when signing into NextCloud:
Account not provisioned. Your account is not provisioned, access to this service is thus not possible.
How exactly are we able to retrieve files from NextCloud by using the same Azure AD token we receive when authenticating with our ASP NET web API?