Allow only programmatically access for certain users

I want to allow my android app to upload files to my OwnCloud server, but then the username and password will be visible to anyone who can easily decompile my apk.
Is there a way prevent from login with a specific user to the browser in order to hide activity information and to prevent the password from being changed?
I want to allow access only from android/http api to upload files, and to do it in the community version.

If not, then a solution for programmatically file upload without username&password on community version would be nice.


I think you need a separate authentication for the client when you use 2 factor authentication. So you can only login to the interface vie 2FA. I didn't have a look into it, so I'm not sure about this....