Allow App Logins #28
Comments
|
In the same breath I wanted to ask if it is possible web login password protected shared link ( no user login ) ? |
|
+1 |
|
It seems like tight now, app access from IPs not matching the list is not allowed at all. Ideally, I'd like to set it up such that only the login procedure requires you to be inside the LAN or using the VPN for an extra layer of security, but then synchronization can continue over public internet. It seems that this works when using a browser, but any apps immediatelly fail with 403 Forbidden once you are outside the local network, even if they were logged in before. |
|
It seems that I was wrong and the forbidden requests happen to the web browser too, if you didn't perform any activity for a while. I guess the access token has some validity time, and if it needs to be refreshed, |
Can this be used to block ONLY web logins BUT allow application logins from mobile apps from any external IP? If that could be configured, this would be a perfect security feature to build into nextcloud for security.
The text was updated successfully, but these errors were encountered: