User Management

Easy account management, from 5 to 50 million users

Integrated account management

Nextcloud features integration with external user directories like LDAP or others as well as built-in account management, two-factor authentication and Single-sign-on support.

Easy user management

Admins can create, modify, search and view user accounts using Nextcloud built-in user management. Name, disk quota, mail addresses and group membership can be handled and users can be given administrator privileges if needed.

If you need to integrate Nextcloud with an existing system, take advantage of support for one or more LDAP directories instead of or in addition to local users. Nextcloud can secure logins with two-factor authentication and supports single sign-on through SAML, OAuth2, Kerberos and others.

Learn more about how Nextcloud helps you keep your data secure.

LDAP/Active Directory user management

Nextcloud features a high performance, full-featured LDAP application which lets users authenticate through their LDAP credentials. Group management, quotas and sharing permissions can be managed as usual. Nextcloud features LDAP group support, sharing, primary groups and easy configuration with auto-detection of LDAP attributes.

For security reasons, the default LDAP configuration is fully read-only. A plugin infrastructure exists with some experimental applications already available that enable administrators to manage an LDAP server through Nextcloud. Creating, updating and removing LDAP configurations can optionally be done through an external, REST-based API.

Find documentation here.

Get our LDAP datasheet

Secure Authentication

Nextcloud supports securing authentication through Nextcloud itself with a plugin-based two-factor authentication method. Supported are, among others, TOTP, SMS 2-factor and U2F. Upon activation by the system administrator, users have to activate 2FA in their personal settings.

Find documentation here.

Single-sign-on

Nextcloud features an SSO & SAML app for easy Single-sign-on integration. SAML 2.0 is supported against OneLogin, Shibboleth, and ADFS. The app also features authentication via environment variables, including support for Kerberos, OAuth2, OpenID and many other mechanisms provided by Apache modules.

The native SAML integration negates the need for external software like Apache modules. Native SAML is compatible with all webservers and supports group memberships, flexible session management and app-specific passwords.

Find documentation here.

Other user backends

Nextcloud can work with a number of other backends for authentication and user handling: IMAP, SMB and FTP. These can be used to integrate Nextcloud more easily in company infrastructure. On the app store, more authentication and user backends can be found, like integration with Gluu.

Find documentation here and our app store here.

Automated or manual provisioning

Nextcloud offers an easy-to-use, REST-based provisioning API to create and configure user accounts. It is possible to create, edit, delete and query user attributes, query, set and remove groups, set quota and query total storage used in Nextcloud.

The API enables an admin to query for active Nextcloud applications, application info, and to enable or disable an app remotely. HTTP requests can be used via a Basic Auth header to easily integrate workflows with existing tools and infrastructure.

Find documentation here.

You have javascript disabled. We tried to make sure the basics of our website work but some functionality will be missing.

This website is using cookies. That's Fine