tag::actions[]
Key | Type | Default | Description | Status | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
action.allowed |
stringArray |
|
List of all allowed actions. If provided, actions not listed here are not allowed.
|
advanced |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Create Document Mode |
string |
|
Determines behaviour when creating a document.
|
advanced |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
action.disallowed |
stringArray |
|
List of all disallowed actions. If provided, actions not listed here are allowed.
|
advanced |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
action.excludedSystemActivities |
stringArray |
List of all operating system activities that should be excluded from OS share sheets in actions such as Open In.
|
advanced |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Open In WebApp mode |
string |
|
Determines how to open a document in a web app.
|
advanced |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Open Shortcut mode |
string |
|
Determines how the app opens shortcut files (ending in
|
advanced |
end::actions[]
tag::app[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
app.app-store-link |
string |
URL for the app in the App Store. |
advanced |
|
app.enable-review-prompt |
bool |
|
Enable/disable review prompt. |
advanced |
app.recommend-to-friend-enabled |
bool |
|
Enables/disables the recommend to a friend entry in the settings. |
advanced |
app.enable-ui-animations |
bool |
|
Enable/disable UI animations. |
debugOnly |
app.is-beta-build |
bool |
|
Controls if the app is built for beta or release purposes. |
debugOnly |
app.show-beta-warning |
bool |
|
Controls whether a warning should be shown on the first run of a beta version. |
debugOnly |
end::app[]
tag::authentication[]
Key | Type | Default | Description | Status | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
authentication.browser-session-class |
string |
|
Alternative browser session class to use instead of
|
supported |
||||||||||||
authentication.browser-session-prefers-ephermal |
bool |
|
Indicates whether the app should ask iOS for a private authentication (web) session for OAuth2 or OpenID Connect. Private authentication sessions do not share cookies and other browsing data with the user’s normal browser. Apple only promises that [this setting](https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/3237231-prefersephemeralwebbrowsersessio) will be honored if the user has set Safari as default browser. |
supported |
||||||||||||
authentication.skip-www-authenticate-checks |
bool |
Overrides whether the default WebDAV endpoint should be probed to detect available authentication methods. By default, the necessity for this is determined dynamically. |
supported |
end::authentication[]
tag::bookmarks[]
Key | Type | Default | Description | Status | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
bookmark.prepopulation |
string |
Controls prepopulation of the local database with the full item set during account setup.
|
supported |
end::bookmarks[]
tag::branding[]
Key | Type | Default | Description | Status | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
branding.app-name |
string |
App name to use throughout the app. |
supported |
|||||||||||||
branding.disabled-import-methods |
stringArray |
List of disabled import methods that can’t be used.
|
supported |
|||||||||||||
branding.organization-name |
string |
Organization name to use throughout the app. |
supported |
|||||||||||||
Allow adding accounts |
bool |
|
Controls whether the user can add accounts. |
advanced |
||||||||||||
Allow editing accounts |
bool |
|
Controls whether the user can edit accounts. |
advanced |
||||||||||||
branding.enable-review-prompt |
bool |
|
Controls whether the app should prompt for an App Store review. Only applies if the app is branded. |
advanced |
||||||||||||
Allow URL configuration |
bool |
|
Indicates if the user can change the server URL for the account. |
advanced |
||||||||||||
Bookmark Name |
string |
The name that should be used for the bookmark that’s generated from this profile and appears in the account list. |
advanced |
|||||||||||||
Profile definitions |
dictionaryArray |
Array of dictionaries, each specifying a profile. All |
advanced |
|||||||||||||
Onboarding button title |
string |
Text used for the onboarding button title |
advanced |
|||||||||||||
Onboarding URL |
urlString |
Optional URL to onboarding resources. |
advanced |
|||||||||||||
Open onboarding URL message |
string |
Message shown in an alert before opening the onboarding URL. |
advanced |
|||||||||||||
URL |
urlString |
The URL of the server targeted by this profile. |
advanced |
|||||||||||||
Feedback Email address |
string |
Email address to send feedback to. Set to |
advanced |
|||||||||||||
Feedback URL |
string |
URL to open when selecting the "Send feedback" option. Allows the use of all placeholders provided in |
advanced |
|||||||||||||
Sidebar Link Items |
array |
Array of Dictionary, which should appear in the sidebar. Keys url and title are mandatory and an optional image can be added as either an SF-Symbol name (key: symbol) or the name of an image bundled with the app (key: image) |
advanced |
|||||||||||||
Sidebar Links Title |
string |
Title for the sidebar links section. |
advanced |
|||||||||||||
Theme Colors |
dictionary |
Values to use in system-color-based themes for branded clients. Mutually exclusive with theme-definitions.
|
advanced |
|||||||||||||
Theme CSS Records |
stringArray |
CSS records to add to the CSS space of system-color-based themes for branded clients. Mutually exclusive with theme-definitions. |
advanced |
|||||||||||||
branding.theme-definitions |
dictionaryArray |
Array of dictionaries, each specifying a theme. |
advanced |
|||||||||||||
Documentation URL |
urlString |
URL to documentation for the app. Opened when selecting "Documentation" in the settings. |
advanced |
|||||||||||||
Help URL |
urlString |
URL to get help for the app. Opened when selecting "Help" in the settings. |
advanced |
|||||||||||||
Privacy URL |
urlString |
URL to get privacy information for the app. Opened when selecting "Privacy" in the settings. |
advanced |
|||||||||||||
Terms of use URL |
urlString |
|
URL to terms of use for the app. Opened when selecting "Terms Of Use" in the settings. |
advanced |
||||||||||||
URL of the theme.json |
urlString |
URL of the instance theme.json file, which can contain instance or app specific branding parameter. Setting this to |
advanced |
|||||||||||||
branding.user-defaults-default-values |
dictionary |
Default values for user defaults. Allows overriding default settings. |
advanced |
end::branding[]
tag::browsersession[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
browser-session.custom-scheme-plain |
string |
Scheme to use instead of plain |
advanced |
|
browser-session.custom-scheme-secure |
string |
Scheme to use instead of |
advanced |
end::browsersession[]
tag::build[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
build.app-group-identifier |
string |
Set a custom app group identifier via Branding.plist parameter. This value will be set by fastlane. Changes OCAppGroupIdentifier, OCKeychainAccessGroupIdentifier and updates other, directly signing-relevant parts of the Info.plist. With this value set, fastlane needs the provisioning profiles and certificate with the app group identifier. This is needed, if a customer is using an own resigning script which does not handle setting the app group identifier. |
supported |
|
build.custom-app-scheme |
string |
|
Name of the URL scheme to use for private links. Must be provided in Branding.plist at build time. For documentation, please see https://github.com/owncloud/ios-app/blob/master/doc/BUILD_CUSTOMIZATION.md. |
supported |
build.custom-auth-scheme |
string |
|
Name of the URL scheme to use for OAuth2/OIDC authentication. Must be provided in Branding.plist at build time. The authentication redirect URI parameters must also be changed accordingly in Branding.plist and on the server side. For documentation, please see https://github.com/owncloud/ios-app/blob/master/doc/BUILD_CUSTOMIZATION.md. |
supported |
build.flags |
string |
A set of space separated flags to customize the build. Must be provided in Branding.plist at build time. For documentation, please see https://github.com/owncloud/ios-app/blob/master/doc/BUILD_CUSTOMIZATION.md. |
supported |
|
build.oc-app-group-identifier |
string |
Set a custom app group identifier via Branding.plist parameter. This value will be set by fastlane. Changes OCAppGroupIdentifier, OCKeychainAccessGroupIdentifier only. Fastlane does not need the provisioning profile and certificate with the given app group identifer. Needs resigning with the correct provisioning profile and certificate. This is needed, if a customer is using an own resigning script which does not handle setting the app group identifier. |
supported |
|
build.version-number |
string |
Sets a custom version number for the app. |
supported |
end::build[]
tag::connection[]
Key | Type | Default | Description | Status | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
connection.allow-cellular |
bool |
|
Allow the use of cellular connections. |
recommended |
||||||||||||||||||
core.cookie-support-enabled |
bool |
|
Enable or disable per-process, in-memory cookie storage. |
supported |
||||||||||||||||||
http.traffic-log-format |
string |
|
If request and response logging is enabled, the format to use.
|
supported |
||||||||||||||||||
http.user-agent |
string |
|
A custom The following placeholders can be used to make it dynamic:
- |
supported |
||||||||||||||||||
connection.always-request-private-link |
bool |
|
Controls whether private links are requested with regular PROPFINDs. |
advanced |
||||||||||||||||||
connection.plain-http-policy |
string |
|
Policy regarding the use of plain (unencryped) HTTP URLs for creating bookmarks. A value of |
advanced |
||||||||||||||||||
connection.validator-flags |
stringArray |
Allows fine-tuning the behavior of the connection validator by enabling/disabling aspects of it.
|
advanced |
|||||||||||||||||||
core.action-concurrency-budgets |
dictionary |
|
Concurrency budgets available for sync actions by action category. |
advanced |
||||||||||||||||||
core.add-accept-language-header |
bool |
|
Add an |
advanced |
||||||||||||||||||
core.scan-for-changes-interval |
int |
Minimum number of milliseconds until the next scan for changes, measured from the completion of the previous scan. If no value is provided, uses the poll interval provided in the server’s capabilities (in milliseconds) if it is greater or equal 5 seconds. Defaults to 10 seconds otherwise. |
advanced |
|||||||||||||||||||
server-locator.lookup-table |
dictionary |
Lookup table that maps users to server URLs |
advanced |
|||||||||||||||||||
server-locator.use |
string |
Use Server Locator
|
advanced |
|||||||||||||||||||
connection.allow-background-url-sessions |
bool |
|
Allow the use of background URL sessions. Note: depending on iOS version, the app may still choose not to use them. This settings is overriden by |
debugOnly |
||||||||||||||||||
connection.force-background-url-sessions |
bool |
|
Forces the use of background URL sessions. Overrides |
debugOnly |
||||||||||||||||||
connection.minimum-server-version |
string |
|
The minimum server version required. |
debugOnly |
||||||||||||||||||
core.override-availability-signal |
bool |
Override the availability signal, so the host is considered to always be in maintenance mode ( |
debugOnly |
|||||||||||||||||||
core.override-reachability-signal |
bool |
Override the reachability signal, so the host is always considered reachable ( |
debugOnly |
|||||||||||||||||||
core.thumbnail-available-for-mime-type-prefixes |
stringArray |
|
Provide hints that thumbnails are available for items whose MIME-Type starts with any of the strings provided in this array. Providing an empty array turns off thumbnail loading. Providing |
debugOnly |
||||||||||||||||||
host-simulator.active-simulations |
stringArray |
|
Active Host simulation extensions.
|
debugOnly |
end::connection[]
tag::diagnostics[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
diagnostics.enabled |
bool |
|
Controls whether additional diagnostic options and information is available throughout the user interface. |
advanced |
end::diagnostics[]
tag::displaysettings[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
display.prevent-dragging-files |
bool |
|
Controls whether drag and drop should be prevented for items inside the app. |
advanced |
display.show-hidden-files |
bool |
|
Controls whether hidden files (i.e. files starting with |
advanced |
display.sort-folders-first |
bool |
|
Controls whether folders are shown at the top. |
advanced |
end::displaysettings[]
tag::endpoints[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
connection.endpoint-capabilities |
string |
|
Endpoint to use for retrieving server capabilities. |
advanced |
connection.endpoint-recipients |
string |
|
Path of the sharing recipient API endpoint. |
advanced |
connection.endpoint-remote-shares |
string |
|
Path of the remote shares API endpoint. |
advanced |
connection.endpoint-shares |
string |
|
Path of the shares API endpoint. |
advanced |
connection.endpoint-status |
string |
|
Endpoint to retrieve basic status information and detect an ownCloud installation. |
advanced |
connection.endpoint-user |
string |
|
Endpoint to use for retrieving information on logged in user. |
advanced |
connection.endpoint-webdav |
string |
|
Endpoint to use for WebDAV. |
advanced |
connection.endpoint-webdav-meta |
string |
|
Endpoint to use for WebDAV metadata. |
advanced |
connection.well-known |
string |
|
Path of the .well-known endpoint. |
advanced |
end::endpoints[]
tag::extensions[]
Key | Type | Default | Description | Status | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
extensions.disallowed |
stringArray |
|
List of all disallowed extensions. If provided, extensions not listed here are allowed.
|
advanced |
end::extensions[]
tag::fileprovider[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
fileprovider.browseable |
bool |
|
Controls whether the account content is available to other apps via File Provider / Files.app. |
supported |
end::fileprovider[]
tag::licensing[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
licensing.disable-appstore-licensing |
bool |
|
Enables/disables App Store licensing support. |
debugOnly |
licensing.disable-enterprise-licensing |
bool |
|
Enables/disables Enterprise licensing support. |
debugOnly |
end::licensing[]
tag::localization[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
Localization Overrides |
dictionary |
|
Dictionary with localization overrides where the key is the English string whose localization should be overridden, and the value is a dictionary where the keys are the language codes (f.ex. "en", "de") and the values the translations to use. |
advanced |
end::localization[]
tag::logging[]
Key | Type | Default | Description | Status | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
log.level |
int |
|
Log level
|
supported |
||||||||||||||
log.privacy-mask |
bool |
|
Controls whether certain objects in log statements should be masked for privacy. |
supported |
||||||||||||||
log.blank-filtered-messages |
bool |
|
Controls whether filtered out messages should still be logged, but with the message replaced with |
advanced |
||||||||||||||
log.colored |
bool |
|
Controls whether log levels should be replaced with colored emojis. |
advanced |
||||||||||||||
log.enabled-components |
stringArray |
|
List of enabled logging system components.
|
advanced |
||||||||||||||
log.format |
string |
|
Determines the format that log messages are saved in
|
advanced |
||||||||||||||
log.maximum-message-size |
int |
|
Maximum length of a log message before the message is truncated. A value of 0 means no limit. |
advanced |
||||||||||||||
log.omit-matching |
stringArray |
If set, omits logs messages containing any of the exact terms in this array. |
advanced |
|||||||||||||||
log.omit-tags |
stringArray |
If set, omits all log messages tagged with tags in this array. |
advanced |
|||||||||||||||
log.only-matching |
stringArray |
If set, only logs messages containing at least one of the exact terms in this array. |
advanced |
|||||||||||||||
log.only-tags |
stringArray |
If set, omits all log messages not tagged with tags in this array. |
advanced |
|||||||||||||||
log.replace-newline |
bool |
|
Controls whether messages spanning more than one line should be logged as a single line, after replacing new line characters with "\n". |
advanced |
||||||||||||||
log.single-lined |
bool |
|
Controls whether messages spanning more than one line should be broken into their individual lines and each be logged with the complete lead-in/lead-out sequence. |
advanced |
||||||||||||||
log.synchronous |
bool |
|
Controls whether log messages should be written synchronously (which can impact performance) or asynchronously (which can loose messages in case of a crash). |
advanced |
||||||||||||||
measurements.enabled |
bool |
|
Turn measurements on or off |
debugOnly |
end::logging[]
tag::oauth2[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
authentication-oauth2.oa2-authorization-endpoint |
string |
|
OAuth2 authorization endpoint. |
advanced |
authentication-oauth2.oa2-client-id |
string |
|
OAuth2 Client ID. |
advanced |
authentication-oauth2.oa2-client-secret |
string |
|
OAuth2 Client Secret. |
advanced |
authentication-oauth2.oa2-redirect-uri |
string |
|
OAuth2 Redirect URI. |
advanced |
authentication-oauth2.oa2-token-endpoint |
string |
|
OAuth2 token endpoint. |
advanced |
authentication-oauth2.omit-authorization-parameters |
stringArray |
Omit Authorization Request Parameters - parameter names provided here are omitted from OAuth2 authorization requests. |
advanced |
|
authentication-oauth2.post-client-id-and-secret |
bool |
|
Send Client ID and Client Secret in the body of POST requests to the token endpoint. As per RFC 6749 section 2.3.1, this should only be used if the token endpoint does not support receiving these via Basic authentication. |
advanced |
authentication-oauth2.oa2-expiration-override-seconds |
int |
OAuth2 Expiration Override - lets OAuth2 tokens expire after the provided number of seconds (useful to prompt quick |
debugOnly |
end::oauth2[]
tag::oidc[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
authentication-oauth2.oidc-fallback-on-client-registration-failure |
bool |
|
If client registration is enabled, but registration fails, controls if the error should be ignored and the default client ID and secret should be used instead. |
supported |
authentication-oauth2.oidc-prompt |
string |
|
OpenID Connect Prompt |
supported |
authentication-oauth2.oidc-redirect-uri |
string |
|
OpenID Connect Redirect URI |
supported |
authentication-oauth2.oidc-register-client |
bool |
|
Use OpenID Connect Dynamic Client Registration if the |
supported |
authentication-oauth2.oidc-register-client-name-template |
string |
|
Client Name Template to use during OpenID Connect Dynamic Client Registration. In addition to the placeholders available for |
supported |
authentication-oauth2.oidc-scope |
string |
|
OpenID Connect Scope |
supported |
end::oidc[]
tag::passcode[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
passcode.enforced |
bool |
|
Controls wether the user MUST establish a passcode upon app installation. |
advanced |
passcode.enforced-by-device |
bool |
|
Controls wether the user MUST establish a passcode upon app installation, if NO device passcode protection is set. |
advanced |
passcode.lockDelay |
int |
Number of seconds before the lock snaps and the passcode is requested again. |
advanced |
|
passcode.maximumPasscodeDigits |
int |
|
Controls how many passcode digits are maximal possible for passcode lock. |
advanced |
passcode.requiredPasscodeDigits |
int |
|
Controls how many passcode digits are at least required for passcode lock. |
advanced |
passcode.share-sheet-biometrical-unlock-by-app |
dictionary |
|
Controls the biometrical unlock availability in the share sheet, with per-app level control. |
advanced |
passcode.use-biometrical-unlock |
bool |
|
Controls wether the biometrical unlock will be enabled automatically. |
advanced |
end::passcode[]
tag::policies[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
item-policy.local-copy-expiration |
int |
|
The number of seconds that a file hasn’t been downloaded, modified or opened after which the local copy is removed. |
advanced |
item-policy.local-copy-expiration-enabled |
bool |
|
Controls whether local copies should automatically be removed after they haven’t been downloaded, modified or opened for a period of time. |
advanced |
item-policy.vacuum-sync-anchor-ttl |
int |
|
Number of seconds since the removal of an item after which the metadata entry may be finally removed. |
debugOnly |
end::policies[]
tag::releasenotes[]
Key | Type | Default | Description | Status |
---|---|---|---|---|
releasenotes.lastSeenAppVersion |
string |
The last-seen app version. |
debugOnly |
|
releasenotes.lastSeenReleaseNotesVersion |
string |
The app version for which the release notes were last shown. |
debugOnly |
end::releasenotes[]
tag::security[]
Key | Type | Default | Description | Status | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
connection.allowed-authentication-methods |
stringArray |
Array of allowed authentication methods. Nil/Missing for no restrictions.
|
recommended |
|||||||||
connection.preferred-authentication-methods |
stringArray |
|
Array of authentication methods in order of preference (most preferred first).
|
recommended |
||||||||
connection.associated-certificates-tracking-rule |
string |
Rule that defines the criteria that need to be met by a hostname other than a bookmark’s hostname for the associated certificate to be added to the bookmark, tracked for changes and validated by the same rules as the bookmark’s primary certificate. No value (default) or a value of |
advanced |
|||||||||
connection.certificate-extended-validation-rule |
string |
|
Rule that defines the criteria a certificate needs to meet for OCConnection to recognize it as valid for a bookmark. Examples of expressions:
- |
advanced |
||||||||
connection.renewed-certificate-acceptance-rule |
string |
|
Rule that defines the criteria that need to be met for OCConnection to accept a renewed certificate and update the bookmark’s certificate automatically instead of prompting the user. Used when the extended validation rule fails. Set this to |
advanced |
||||||||
post-build.allowed-settings |
stringArray |
|
List of settings (as flat identifiers) that are allowed to be changed post-build via the app’s URL scheme. Including a value of "*" allows any setting to be changed. Defaults to an empty array (equalling not allowed). |
advanced |
||||||||
user-settings.allow |
stringArray |
List of settings (as flat identifiers) users are allowed to change. If this list is specified, only these settings can be changed by the user. |
advanced |
|||||||||
user-settings.disallow |
stringArray |
List of settings (as flat identifiers) users are not allowed to change. If this list is specified, all settings not on the list can be changed by the user. |
advanced |
|||||||||
connection.transparent-temporary-redirect |
bool |
|
Controls whether 307 redirects are handled transparently at the HTTP pipeline level (by resending the headers and body). |
debugOnly |
end::security[]