SAML/OpenID Connect support in Android application?

Nextcloud version: 26.0.10
Operating system and version: Rocky Linux 8.8
Apache or nginx version: 2.4.37
PHP version: 8.2

The issue you are facing: The Nextcloud Android application does not seem to support SAML or OpenID Connect authentication, since the WebView instance it uses does not ask to select a certificate when trying to authenticate via the IDP.

This issue occurs with both SAML and OpenID, when they are, respectively, configured with the SSO & SAML authentication or Social Login Nextcloud apps.

The IDP I have used is Keycloak and both authentication modes work when logging in to Nextcloud via web browser. Also, I can still log in with the Android app when using basic authentication (username & password) or by using the QR-code login.

Is this the first time you’ve seen this error?: Yes

Steps to replicate it:

  1. Enable either SSO application and configure it to use your selected IDP
  2. Try to log in with SAML or OpenID Connect in the Android application

I wonder if anyone has run into this issue, and if they have, have they managed to solve it?

I successfully integrated Nextcloud with Keycloak, Authentik and Zitadel using openid and user_oidc app. I’m wondering about

what are you looking for? Why and which certificate do you want to choose?

Hey wwe,

Thank you for the reply.

I have a user certificate in my Android Keystore, which is usable by all Android apps.

I would expect WebView to present a prompt, where I could select the certificate to use for the SAML/OpenID login.

This happens, as expected, only when logging into Nextcloud via Keycloak with the Chrome app, but not with WebView login of the Nextcloud Android app.

Regarding your setup, have you successfully managed to perform a certificate login with the Nextcloud Android app?

No, I never used certificate auth, always user/password with MFA or passwordless (Passkeys).
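
For context on the missing certificate prompt discussed in this thread: Android's default `WebViewClient` cancels a TLS client-certificate request, so a WebView only shows the system certificate picker if the hosting app handles `onReceivedClientCertRequest` itself. The sketch below is an added example, not code from this thread or from the Nextcloud Android app; the class name `ClientCertWebViewClient` is hypothetical.

```kotlin
import android.app.Activity
import android.security.KeyChain
import android.security.KeyChainException
import android.webkit.ClientCertRequest
import android.webkit.WebView
import android.webkit.WebViewClient
import java.security.cert.X509Certificate

// Hypothetical class name; not part of the Nextcloud Android app.
class ClientCertWebViewClient(private val activity: Activity) : WebViewClient() {

    // Called when the TLS server (here, the IdP) asks for a client certificate.
    // The platform default cancels the request, so no picker is ever shown.
    override fun onReceivedClientCertRequest(view: WebView, request: ClientCertRequest) {
        // Show the system certificate picker, filtered by what the server asked for.
        KeyChain.choosePrivateKeyAlias(
            activity,
            { alias -> onAliasChosen(alias, request) },
            request.keyTypes,   // key algorithms the server accepts
            request.principals, // acceptable issuer CAs
            request.host,
            request.port,
            null                // no preselected alias
        )
    }

    // Invoked off the main thread; the KeyChain lookups below may block
    // and must never be called from the main thread.
    private fun onAliasChosen(alias: String?, request: ClientCertRequest) {
        if (alias == null) { // user dismissed the picker
            request.cancel()
            return
        }
        try {
            val key = KeyChain.getPrivateKey(activity, alias)
            val chain: Array<X509Certificate>? = KeyChain.getCertificateChain(activity, alias)
            // Fail closed: continue the handshake only with a complete key and chain.
            if (key != null && chain != null) request.proceed(key, chain) else request.cancel()
        } catch (e: KeyChainException) {
            request.cancel()
        } catch (e: InterruptedException) {
            Thread.currentThread().interrupt()
            request.cancel()
        }
    }
}
```

The private key stays in the Android KeyChain; the app only receives a handle to it after the user approves the alias in the picker.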