To integrate the SecSign ID Two-Factor Authentication with NextCloud you first need to setup an account with NextCloud and decide, where you want the server to be based off. More information on server options are available on the NextCloud website.
In the NextCloud admin web site open the Apps dialog and select “Authentication & Authorization” from the list. Enable “SSO & SAML authentication”.
In the NextCloud admin web site open the SSO & SAML authentication dialog.
Select “Use build-in SAML authentication”.
Enter “uid” (without the quotes) as attribute to map the UID to. Then enter the Identifier of the IdP entity. It consists of the URL of the SecSign ID admin web site plus “/SAML_Login”.
For Example: https://admin.secsign.com/SAML_Login
Enter the same URL also as URL Target of the IdP where the SP will send the Authentication Request Message.
Then Select “Show optional Identity Provider settings …” Paste the PEM encoded certificate which you have configured to sign SAML responses in the SecSign ID Server as “Public X.509 certificate of the IdP”.
PEM encoding starts with “—–BEGIN CERTIFICATE—–“.
Click at “Download metadata XML”. Open the meta data XML file in a browser or a text editor.
Copy the URL from AssertionConsumerService in the metadata file to the “SAML response URL” text field in the SecSign admin dialog.
Leave RelayState, Audience Restriction and Auth Context empty.
Choose the user group to sign the SAML responses. For example: SAML response signers.
Select “Server selects” for Hash algorithm and “Server selects” for PSS padding. Select the SAML attribute “secsignid: from SecSign ID Server (uid)” and Save.
Keep the browser showing the NextCloud admin web site session open! Use another browser to test the NextCloud log-in. If it fails use the still open first browser to display the “Logging” dialog of NextCloud and see the error message.
We provide an ever growing list of APIs and plugins to easily integrate the SecSign ID Two-Factor Authentication in any project. An overview is available at Plugin and APIs.
We do not only offer APIs in different programming languages but also plugins for CMS, Server and VPN environments, oAuth2 and many more. These plugins use our APIs and offer additional functionalities, for example user management, easy and native installation, logging or integration in firewalls or Active Directory.
The JIRA plugin for example uses the JAVA-API. The PHP-Api and JS-API is used by WordPress, Joomla, Drupal, Typo3 and many more. The ASP.net/C#-API is used for the Windows and Cisco VPN and the C-API is used for protecting Unix SSH services. The Objective-C API is used by our AppleTV and iPhone/iPad apps.
You can experience the SecSign ID two-factor authentication and the two-factor login by simply integrating the plugin into your website or test environment. Or you can try out the login process on our website without having to register first. You already have a SecSign ID or you want one? Login now and use the portal or use our hassle free registration.
See for yourself how fast and convenient the login process using challenge-response authentication with 2048-bit key pairs is. There is no need for passwords, and no passwords or other confidential information are ever transmitted. It is easy to integrate and simple to use.
For more information about the patented SafeKey procedure and it's unique security can be found here.
If you are missing an API for the programming language you are working with, feel free to contact us and we’ll find a solution with you. If you need help with the integration into an existing system or you can’t find the plugin for your content management system you are working with, don’t hesitate to contact our support team.
Choose between our SecSign ID Cloud or operate your own on-premise Two-Factor Authentication server.
Operate your own YourBrand ID app - Two-Factor Authentication customized to your needs.
Integrate SecSign ID Two-Factor Authentication in existing apps with our ready-to-use SDK.
Use the Two-Factor Authentication Server to secure your company Active Directory/LDAP. Your own Identity and Access Management System, for example for mandatory updates and additional security features.
Integration in any login environment: web, local, VPN, remote desktop, mobile logins and many more.
No need for complex integration: we have plugins for almost all environments.
Want to learn more about SecSign’s innovative and highly secure
solutions for protecting your user accounts and sensitive data?
Use our contact form to submit your information, and a SecSign sales representative will contact you within one business day.
If you need assistance with an existing SecSign account or product
installation, please see the FAQs for more information on the most common questions. You don’t find the solution to your problem? Don’t hesitate to contact the
I am Interested in