we’re running a Nextcloud instance where all users log in via Single Sign-On (SSO). Generally, this works well. However, we’ve run into a major issue with the “Authentication required” popup that appears in certain situations.
Examples include:
Creating app passwords (e.g. for CalDAV sync)
Performing some admin-level actions like increasing group folder storage quotas
In these cases, Nextcloud prompts users with a modal asking them to re-enter their password. The problem: our users don’t have a Nextcloud-specific password. The password they used to log into our platform (which redirects through the SSO flow) doesn’t work here.
The only workaround we’ve found is logging out and logging in again, but even that doesn’t reliably help – for some users, the popup reappears even in a brand new session. It seems to depend on session state, but we can’t identify a clear pattern.
What we’d really like to do is disable this “Authentication required” popup altogether.
Has anyone else dealt with this or found a reliable solution?
Hi, maybe something is wrong with your SSO implementation. There are protection about that use case in the code, in the backend at least. PasswordConfirmationRequired checks that the user backend may enter its password in Nextcloud.
We’re currently running version Nextcloud Hub 9 (30.0.10), but the described problem has been persisting at least since Nextcloud 27.x.
We’re using the app Social Login (Version 6.0.2), using a custom OAuth2 configuration (screenshot attached), with our own Django webserver as the provider (screenshot of the OAuth userinfo endpoint output attached).
