What does 2FA apply to?

Will it only apply when signing in via web gui, app, client or even to seadrive and webdav?

Seahub: yes
App: yes
Client: yes
WebDAV: no (login without 2nd factor)


1 Like

Thanks for clarifying and helping out.

Glad I could help.

Let me add two things:

  • API access isn’t protected by 2FA either.
  • If you want to enforce 2FA, it is recommended to disable WebDAV (it is recommended anyway, if you don’t use it. But with 2FA as a must, it becomes imperative.)

Please mark answer as solved if this is what you wanted to know.

They do have docs for API access if you have 2FA enabled https://download.seafile.com/published/web-api/home.md

If you have enabled two-factor authentication, you need to add 2FA header in HTTP when getting the access token:

curl -d “username=username@example.com&password=123456” -H 'X-SEAFILE-OTP: ’ https://cloud.seafile.com/api2/auth-token/