An ownCloud Server app that implements the OAuth 2.0 Authorization Code Flow (RFC 6749) for secure token-based authentication. It allows registered client applications (desktop, mobile, and web) to obtain access and refresh tokens for API access without handling user passwords directly.
Follow the steps below to install and configure the OAuth2 app.
Place the app in owncloud/apps/oauth2 and enable it:
occ app:enable oauth2Register clients in the admin settings: /index.php/settings/admin?sectionid=additional#oauth2
- Authorization URL:
/index.php/apps/oauth2/authorize - Access Token URL:
/index.php/apps/oauth2/api/v1/token
make test-php-unit
make test-php-style
make test-acceptance-webuiThis app extends ownCloud Server 10 with OAuth 2.0 support. It is used by the desktop and mobile clients for secure authentication.
Note: Only master key encryption is supported when using OAuth2 (similar to the Shibboleth app).
The ownCloud Server is available on Docker Hub.
Star this repo and Watch for release notifications!
We welcome contributions! Please read the Contributing Guidelines and our Code of Conduct before getting started.
- Rebase Early, Rebase Often! We use a rebase workflow. Always rebase on the target branch before submitting a PR.
- Dependabot: Automated dependency updates are managed via Dependabot. Review and merge dependency PRs promptly.
- Signed Commits: All commits must be PGP/GPG signed. See GitHub's signing guide.
- DCO Sign-off: Every commit must carry a
Signed-off-byline:git commit -s -S -m "your commit message" - GitHub Actions Policy: Workflows may only use actions that are (a) owned by
owncloud, (b) created by GitHub (actions/*), or (c) verified in the GitHub Marketplace.
Help translate this project on Transifex: https://explore.transifex.com/owncloud-org/owncloud/
Please submit translations via Transifex -- do not open pull requests for translation changes.
Do not open a public GitHub issue for security vulnerabilities.
Report vulnerabilities at https://security.owncloud.com -- see SECURITY.md.
Bug bounty: YesWeHack ownCloud Program
This project is licensed under the AGPL-3.0.
The Kiteworks Open Source Program Office, operating under the ownCloud brand, launched on May 5, 2026, to steward the open source ecosystem around ownCloud's products. The OSPO ensures transparent governance, license compliance, community health, and sustainable collaboration between the open source community and Kiteworks, which acquired ownCloud in 2023.
- OSPO Home: https://kiteworks.com/opensource
- GitHub: https://github.com/owncloud
- ownCloud: https://owncloud.com
For questions about the OSPO or licensing, contact ospo@kiteworks.com.
The OSPO is driving a strategic relicensing of ownCloud repositories toward the Apache License 2.0, following the Apache Software Foundation's third-party license policy.
Individual repositories will migrate as their audit is completed. The LICENSE file in each repo reflects its current license status (not the target).
Current license: AGPL-3.0 (Category X per Apache policy -- cannot be included in Apache-2.0 works).
Migration prerequisites for this repository:
- CLA/DCO coverage: All past contributors must have signed agreements permitting relicensing
- Copyleft dependency audit: All AGPL/GPL dependencies must be replaced or isolated
- KDE heritage review: Any code with KDE-era copyrights requires legal analysis
- Complete relicensing: AGPL-3.0 is a strong copyleft license; migration requires full relicensing of all files, not just a header change