Verify the Oauth access token generated from the external server and grant the access to upload/download the files to the client application

Karan_Kotabagi · June 1, 2018, 7:51pm

Hi,

I am trying to upload the files to the nextcloud server, and I am using the Keycloak Server as the external authentication server. The flow to upload the files via the access token is represented in Figure 1.

I have configured the nextcloud with the SSO and SAML authentication app, and if the user accesses the nextcloud url he is redirected to get it authenticated from the keycloak server and this works fine.

Now, I need to upload the files to the nextcloud server with the same authentication mechanism from the external client application by obtaining the access token from the keycloak server (authorization server). My question is if this is possible with the nextcloud server ? Can nextcloud validate the external token and grant access to the user to upload and download the files, and how can this be acheived over any API that nextcloud provides? I have tried the webDAV API and we can get the API call authenticated via username and password but we can’t get the authentication working with the token from the external server.

Figure 1

Here is the brief explanation of the steps:

Client application requests the access token from the authorization server with a particular grant type.
Authorization server (which is keycloak in this scenario) generates the access token and passes the access token to the client application.
Client application uses the same access token and sends it to the nextcloud server.
Nextcloud server validates the access token and grants the permission for the client application to use the protected resources.
Client application which now has been authorized can upload the files to the nextcloud server

Is it possible to achieve this login flow?
If yes, then how is this possible? I have tried this over the webDAV API and tested using the simple CURL calls (with the access token generated from keycloak server) but this is not possible.

Is there any other way to achieve the same, so that I can complete the login flow and push/download the files from the client application to the nextcloud server with this login flow?

trocha · August 2, 2018, 6:59pm

Greetings, currently I am trying to do something like you, you can solve this?

zahradehghanpour · May 11, 2020, 2:05pm

I have the same problem as you , I tried all the comments above but didn’t work . Is your problem solved?

stressed · August 17, 2021, 12:07pm

trying the same, is it even possible that has no solved issued yet?

Benjamin_ai · October 13, 2022, 10:11am

where the hell is support team? this problem was posted 4 years ago and still nothing???
I searched last 3 days on the whole internet and didn’t find any solution and support team didn’t answer this in the nextcloud community!!!??? great support guys, well done