Why no OAuth from nextcloud instance to help.nextcloud?

I notice the signup form has options to signup via OAuth using Google, Facebook, Github and Twitter, but no option to use your own nextcloud instance. That seems a bit counter-intuitive, especially for a platform focused largely towards privacy advocates. I’d say it’s something to seriously consider making a priority.

As you realized the listed OAuth providers are “optional”, so there is no need to use them. To which central Nextcloud instance are you referring? Afaik no central Nextcloud instance exists where all Nextcloud users are already having an account yet? So how should authentication work?

To better understand your request, please explain IN DETAIL what function you’re looking for.

I wasn’t aware an OAuth provider needed to be centralised/hard-coded in order to work. Would it not be possible to simply type/paste a url to one’s own instance into a form in order to initiate authentication? Or perhaps a link within the nextcloud instance itself to automatically authenticate to help.nextcloud.com. If that’s technically not possible, then you’ll need to forgive me for my lack of familiarity with the technical inner workings of OAuth.

Imagine someone want to get access to your flat or house. I think you would want to personally control and grant access to it instead of just letting someone, who you might personally not know, authenticate himself by pointing to his own personal key ring in his pocket, right?! :wink:

As you are realizing, there are problems with providing Oauth from your own Nextcloud. The best of my understanding:

You’ll need a central Nextcloud instance to provide Oauth.

Oauth would have to be from a specified Nextcloud instance. So only from cloud.nextcloud.com rather than my.cloud.xyz or anywhere else. That instance would generate the Oauth token and then the token could be added to the forum via a plugin.

Oauth token currently grants full r+w access

This is a security concern for even just one central Nextcloud instance being used until scoped access is introduced. This caveat is also explained in the admin documentation at the bottom.

For the moment, Oauth is not a great choice for this.

DiscourseSSO is an app for adding specific Discourse access from a specified Nextcloud

Note this means you’ll be dependent on this app and can still only use one specified Nextcloud instance.

OpenID is yet another choice for Nextcloud and Discourse.

Here is an app, which I’ve never used. You’ll have to read up on OpenID to learn more, but it also uses Oauth so the same caveats above will apply.

Hope this helps you to search out more info.