/login vs /index.php/login - inconsistent behavior

Running ownCloud 10.13.1 (stable) on Docker.

I configured

  'openid-connect' => [
        'loginButtonName' => 'OpenId Connect',
        'autoRedirectOnLoginPage' => true,
  'token_auth_enforced' => true, // only enables OAuth login

And I obsered the following

  1. if autoRedirectOnLoginPage is off, then I can see the OpenID Connect button on /index.php/login page, but not /login
  2. When it’s on, then /index.php/login automatically redirects to open id

This is weird?

In addition, I was hoping that

  'token_auth_enforced' => true,

Will enforce that only open id login is enabled, but owncloud still enables password-based login.

Any thoughts or ideas why login vs index.php/login behave differently?

(For ‘forbidding’ password logins, except for admin account, this works:

 'loginPolicy.order' => ['OC\Authentication\LoginPolicies\GroupLoginPolicy'],
 'loginPolicy.groupLoginPolicy.forbidMap' => [
          'password' => [
            'allowOnly' => ['admin'],
          'token' => [
          'OCA\OpenIdConnect\OpenIdConnectAuthModule' => [

But /login still looks different than /index.php/login, which is super confusing

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.