User External provides external authentication backends for ownCloud Server, allowing user login to be verified against FTP, IMAP, SMB (Samba) or WebDAV servers instead of the local database. Passwords are never stored locally -- every authentication request is forwarded to the configured remote service, keeping credentials centralized on existing infrastructure.
This app is part of the ownCloud Server (OC10) authentication ecosystem. It allows organizations to leverage their existing FTP, IMAP, SMB or WebDAV infrastructure for ownCloud user authentication.
The ownCloud Server is available on Docker Hub.
Follow the steps below to install and configure external authentication backends.
Install from the ownCloud Marketplace, or manually:
cd apps
git clone https://github.com/owncloud/user_external.git
cd ..
php occ app:enable user_externalAdd the desired backend to config/config.php. Examples:
FTP:
'user_backends' => array(
array(
'class' => 'OC_User_FTP',
'arguments' => array('127.0.0.1'),
),
),IMAP:
'user_backends' => array(
array(
'class' => 'OC_User_IMAP',
'arguments' => array(
'{127.0.0.1:143/imap/readonly}', 'example.com'
),
),
),SMB:
'user_backends' => array(
array(
'class' => 'OC_User_SMB',
'arguments' => array('127.0.0.1'),
),
),WebDAV:
'user_backends' => array(
array(
'class' => '\OCA\User_External\WebDAVAuth',
'arguments' => array('https://example.com/webdav'),
),
),make all # Install all dependencies
make dist # Build distribution packagemake test-php-unit # Run PHP unit tests
make test-php-style # Check code style
make test-php-phpstan # Run static analysisStar this repo and Watch for release notifications!
We welcome contributions! Please read the Contributing Guidelines and our Code of Conduct before getting started.
- Rebase Early, Rebase Often! We use a rebase workflow. Always rebase on the target branch before submitting a PR.
- Dependabot: Automated dependency updates are managed via Dependabot. Review and merge dependency PRs promptly.
- Signed Commits: All commits must be PGP/GPG signed. See GitHub's signing guide.
- DCO Sign-off: Every commit must carry a
Signed-off-byline:git commit -s -S -m "your commit message" - GitHub Actions Policy: Workflows may only use actions that are (a) owned by
owncloud, (b) created by GitHub (actions/*), or (c) verified in the GitHub Marketplace.
Do not open a public GitHub issue for security vulnerabilities.
Report vulnerabilities at https://security.owncloud.com -- see SECURITY.md.
Bug bounty: YesWeHack ownCloud Program
See LICENSE for license details.
The Kiteworks Open Source Program Office, operating under the ownCloud brand, launched on May 5, 2026, to steward the open source ecosystem around ownCloud's products. The OSPO ensures transparent governance, license compliance, community health, and sustainable collaboration between the open source community and Kiteworks, which acquired ownCloud in 2023.
- OSPO Home: https://kiteworks.com/opensource
- GitHub: https://github.com/owncloud
- ownCloud: https://owncloud.com
For questions about the OSPO or licensing, contact ospo@kiteworks.com.
The OSPO is driving a strategic relicensing of ownCloud repositories toward the Apache License 2.0, following the Apache Software Foundation's third-party license policy.
Individual repositories will migrate as their audit is completed. The LICENSE file in each repo reflects its current license status (not the target).
Current license: Not detected. The OSPO will determine the current license status of this repository before planning any migration steps. If you know the intended license, please open an issue or contact ospo@kiteworks.com.