Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content

Add /e/-cloud (or any) Account with QR Code

Summary

Easy /e/-Cloud / Webdav account authentification by scanning a QR-Code within the first-time-setup-wizard (FTSW) or in the AccountManager

Description

Who will use the new feature?

People setting up a device for the first time.

What is the target of the new feature for this user?

To make the "onboarding" quicker, encourage either complex passwords or access tokens.

Why this user would like to use this feature?

Making adding an account as easy as scanning an Wifi Access qrcode [1]

It also allows easy revocation of the access token when the device is lost without changing the account password.

Access tokens can have higher entropy bits than usual account passwords that users can remember.

Technical informations

The idea is in bitfires/DAVx5 forum: https://forums.bitfire.at/topic/1406/feature-request-allow-to-get-address-and-credentials-from-qrcode and mentionied on their https://gitlab.com/bitfireAT/davx5-ose/-/wikis/Roadmap within "backup/restore for settings"

Relevant screenshots

A access token in the nextcloud installation can be generated at https://ecloud.global/settings/user/security and has the schema

nc://login/user:<username>&password:<password>&server:https://ecloud.global

that translates for the nc:// "app protocol" to the server endpoint https://ecloud.global/remote.php/dav

ecloud-create-token

Reflection

There can be more app-protocols than nc:// - but it fits the /e/ cloud use case. Other webdav servers have different schemes.

Is there a general credential transfer scheme? as DAVx5 is using the Android Manager accounts system, one could employ a general solution to transfer accounts, not only webdav accounts.

Seedvault cannot yet backup and restore accounts.

[1] Example for a Wifi "add network" onboard, see screenshot in this article, it's a small icon to the right of "add Network" in the Settings "Network -> Wifi" -> scroll to bottom.

Validation

  • user scans QR Code, it is automatically validated against the server
  • in the FTSW it just continues to the next step after showing being successful
Edited by tcecyk