Hello there, I (credit goes to upstream) have been able to narrow down the authentication issue we were experiencing with the Nextcloud desktop client. Please note, up to know the latest ownCloud client is still working fine except it is not keeping the SAML token after the system reboots/user logs out. The TDF Nextcloud instance has 2 issues: 1. XSS whitelisting According to the logs of my Nextcloud client [1], we can see the page answering back with the SAML token cannot be loaded properly due to a font issue. It appears the location of these fonts haven't been whitelisted properly leading to the Nextcloud client webview (qt5-webengine) to not load them to avoid a potential XSS vulnerability. Could you please whitelist these resources locations? 2. *not* successful, http result code is 302 [2] --> the connection issue per se Could you please disable "Use SAML auth for the Nextcloud desktop clients (requires user re-authentication)" in the Nextcloud server admin settings? SAML SSO remains active without this parameter. It seems this (unclear) parameter has been set because old desktop clients handled saml internally/differently. [1] https://gist.github.com/wget/6433e4dac5e1c291bb64af779b6ff3cb [2] https://github.com/nextcloud/desktop/issues/1084#issuecomment-474478145 [3] https://help.nextcloud.com/t/issue-login-in-with-the-desktop-client-when-using-sso-saml-with-keycloak/47063/24 -- William Gathoye <william@gathoye.be> -- To unsubscribe e-mail to: website+unsubscribe@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy