All Categories
  • Authentication
  • Branding
  • Changelogs
  • Collaboration
  • Compliance
  • Customization
  • Desktop Client
  • External Storage
  • Frequently Asked Questions
  • Installation
  • Nextcloud Talk
  • Operations
  • Partner Products
  • Roundcubemail
  • Scalability
  • Security
  • Configuring Single-Sign-On

    Using the SSO & SAML app of your Nextcloud you can make it easily possible to integrate your existing Single-Sign-On solution with Nextcloud. In addition, you can use the Nextcloud LDAP user provider to keep the convenience for users. (e.g. when sharing)

    The following providers are supported and tested at the moment:

    • SAML 2.0

      • OneLogin
      • Shibboleth
      • Active Directory Federation Services (ADFS)
    • Authentication via Environment Variable

      • Kerberos (mod_auth_gssapi)
      • CAS (see below)
      • Any other provider that authenticates using the environment variable

    While theoretically any other authentication provider implementing either one of those standards is compatible, we like to note that they are not part of any internal test matrix.

    Enabling the SSO & SAML app

    Warning:

    Make sure to configure an administrative user that can access the instance via SSO. Logging-in with your regular Nextcloud account won’t be possible anymore, unless you go directly to the URL https://cloud.example.com/login?direct=1.

    The “SSO & SAML” App is shipped and disabled by default. To enable the app enabled simply go to your Nextcloud Apps page to enable it. It can then be found in the “SSO & SAML authentication” section of your Nextcloud.