Confirming what other users posted above. The user agent string workaround worked a little while back, but doesn’t work any more. I tried random user agent strings, tried using the exact same user agent string my browser uses to log in to iCloud online without luck.
Workaround
I made a proof of concept authentication script, which uses Puppeteer to pull the needed cookies:
If you want to do it manually, without the script, below are the steps:
- Open your web browser
- Log in to icloud.com, follow MFA prompts until you get to the dashboard screen that shows your profile, recent files, etc.
- Make sure to select "remember device" otherwise your token will only last around 30 minutes.
- Open developer tools and have a look at the request to www.icloud.com (or pretty much any other request to the same domain).
- Copy the Cookie header (
X-APPLE-WEBAUTH-USER="v=1:s=0:d=......) - In the
Cookieheader you just copied, there is a trust token.X-APPLE-WEBAUTH-HSA-TRUST="..."Copy the part between the double quotes. - Run the command
rclone config update [remote] cookies=FULL_COOKIES_HEADER_GOES_HERE trust_token=TRUST_TOKEN_GOES_HERE - Run
rclone config reconnect remote: - Test by running
rclone config ls remote:
Note:
I tried using the environment variable RCLONE_ICLOUDDRIVE_TRUST_TOKEN and flag --iclouddrive-trust-token but neither worked. Please let me know if there’s a way to use this instead 