Managing User Accounts
Login Credentials are stored on the device (secure in system keychain).
Password manager support.
The OAuth2 implementation uses
SFAuthenticationSession, which is described as a best practice by
RFC 8252 - when running under iOS 11. Under iOS 12, the OAuth2 implementation uses
ASWebAuthenticationSession, which is the successor of
SFAuthenticationSession. Benefits of using these APIs include:
Privilege separation: Web content is run in a separate process.
Trustworthiness: Apps can’t inject code into or access the contents of the web view.
Convenience for the user: Cookies from Safari are available to the web content inside the session.
Additionally, OAuth2 is the industry standard authorisation method, and the username and password are not stored on the device.
To add one or more user accounts to the iOS app, when in the "Accounts" view, click the plus (+) icon in the top right-hand corner. This opens the "Add Account" dialog, where you can enter the URL of the ownCloud server. After you enter it and click "Continue", the iOS app checks the authentication method and the validity of the SSL/TLS certificate (if the server URL uses the HTTPS protocol).
If the certificate is deemed to be valid, you will see a green "Passed" symbol near the bottom of the page, next to "Certificate Details", and the text "No issues found. Certificate passed validation."
Click Continue and the app will prompt you if you want to use the supplied server URL to sign in to the app. You will then be redirected to the ownCloud server, where you can supply your username and password. After doing so, and submitting the form, you will then be asked if you want to give permission for the app to access your account.
If so, click Authorize. If not, click Cancel. If you clicked Authorize, you will then be returned to the Accounts screen, where you will see your new account in the list.
If you want to delete an account, when viewing the Accounts list, swipe left on the account that you want to delete and click Delete.
You will then be asked if you really want to delete that account.
If you do, click Delete. Doing so deletes the account from the device, as well as all locally stored file copies. If you don’t want to delete the account, click Cancel.
If you want to edit an account, when viewing the Accounts list, swipe left on the account that you want to edit and click Edit.
You will then be able to change the ownCloud server URL, and manage the authentication credentials. How the authentication credentials can be managed depends on the authentication type.
|Basic Authentication||OAuth2 Authentication|
In the screenshot below, the user is authenticated using Basic Authentication. In this instance, they will be able to update their username and password, as well as delete their authentication data.
In the screenshot above, the user is authenticated using OAuth2 authentication. In this instance, they will only be able to delete their authentication data.