Hi Slash, thanks for reporting this bug. As I understand from your logs, it's not even possible to create a nextcloud account; can you please confirm this?
Anyway, this looks like a bug in the Nextcloud server implementation: CSRF is not something that normally affects REST APIs, which are stateless by definition. When registering the account, we are passing username and password with every function call. Please file a bug against Nextcloud, and write here the link to the report, so that I can comment in case they ask for more information. For the record, the API we are using when verifying whether the account is valid is /ocs/v1.php/person/check, which is documented here: https://www.freedesktop.org/wiki/Specifications/open-collaboration-services/#index4h4 I think they forced the CSRF check on all API, including the public REST APIs, by mistake. ** Changed in: account-plugins (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1651938 Title: Owncloud Account doesn't work with Nextcloud 11 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/account-plugins/+bug/1651938/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
