Configuring Single-Sign-On

Using the SSO & SAML app of your Nextcloud you can make it easily possible to integrate your existing Single-Sign-On solution with Nextcloud. In addition, you can use the Nextcloud LDAP user provider to keep the convenience for users. (e.g. when sharing)

The following providers are supported and tested at the moment:

  • SAML 2.0
    • OneLogin
    • Shibboleth
    • Active Directory Federation Services (ADFS)
  • Authentication via Environment Variable
    • Kerberos (mod_auth_kerb)
    • CAS (see below)
    • Any other provider that authenticates using the environment variable

While theoretically any other authentication provider implementing either one of those standards is compatible, we like to note that they are not part of any internal test matrix.

Enabling the SSO & SAML app


Make sure to configure an administrative user that can access the instance via SSO. Logging-in with your regular Nextcloud account won’t be possible anymore, unless you go directly to the URL

Attached Files
There are no attachments for this article.

If you have any questions or feedback on this article, do not hesitate to contact us. We are here to help you get the most out of Nextcloud.