rclone does not generate any errors but it is asking for and waiting for a two-factor authentication code and rclone is not doing anything to force Apple to send me a two-factor authentication code to my phone so I have no code to enter and now I'm stuck yet again.
I don't have any Apple devices that are trusted devices so the only option I have is two-factor authentication Via SMS.
When I try and log into my account in a web browser I am prompted for sending my SMS code to my phone and I get the code to my phone and I enter it to the website and I can log in.
I just don’t know how to make rclone tell Apple to send me the code.
Apparently you're not allowed to use an authenticator app which is what I was going to try and do.
Does anyone have any ideas on how to get around the two-factor Authentication debacle that I am in?
I signed up for a free icloud account. I can log in and see the pictures and files I have there.
When I try to log in via a browser I get an SMS code sent to my phone. I also receive an email from Apple letting me know that I have successfully logged in.
When I run rclone Apple lets me know via email that I have logged in via a browser even though I have not successfully completed the rclone 2fa.
Every time I try and re-establish my rclone remote even though I have not completed the two-factor Authentication I get an email from Apple saying that I was successfully logged in Via a web browser even though I really wasn’t.
“Your Apple Account was used to sign in to iCloud via a web browser.”
“
Dear Joe Schmo,
Your Apple Account (schmojoe@email.com) was used to sign in to iCloud via a web browser.
Date and Time: September 4, 2025, 12:07 PM PDT”
HERE is what the attempt looks like with DEBUG -vv enabled:
C:\Users\king>rclone -vv --user-agent="MyCloud" config reconnect dkicloud:
2025/09/04 20:13:40 DEBUG : rclone: Version "v1.71.0" starting with parameters ["rclone" "-vv" "--user-agent=MyCloud" "config" "reconnect" "dkicloud:"]
2025/09/04 20:13:40 DEBUG : Using config file from "C:\Users\king\AppData\Roaming\rclone\rclone.conf"
2025/09/04 20:13:40 DEBUG : dkicloud: config in: state="", result=""
2025/09/04 20:13:40 DEBUG : icloud: Authenticating as schmo@gmail.com
2025/09/04 20:13:41 DEBUG : Saving config "cookies" in section "dkicloud" of the config file
2025/09/04 20:13:41 DEBUG : Keeping previous permissions for config file: -rw-rw-rw-
2025/09/04 20:13:41 DEBUG : dkicloud: config out: out=&{State:2fa_do Option: OAuth: Error: Result:}, err=
2025/09/04 20:13:41 DEBUG : dkicloud: config: reading config parameter "config_2fa"
Option config_2fa.
Two-factor authentication: please enter your 2FA code
Enter a value.
config_2fa>
My phone never receives an SMS with the code the way it does when using a browser.
I’ve seen the same two 2FA interactions where the second one seems superfluous. I don’t think that’s new though, I’ve always had that happen when I config reconnect.
I have the same issue, all i have is a MacOS VM and in the past I’ve had to use that to get the 2fa code, usually when signing in via the webbrowser theres an option to request a code via sms, but I’m guessing rclone doesnt have anything implemented to do that. which is annoying.
I used the methodrclone --user-agent="your-own-random-string" config reconnect icloud:and received the verification code, but immediately after I got the error:
HTTP error 302 (302 Found) returned body: "{\"domainToUse\":\"iCloud.com.cn\"}"
What causes this? Does it mean that rclone does not support iCloud in mainland China?
Trying to set up rclone for first time and with icloud as the backend. I also got 400 on config until adding a random user agent. I’m still stuck on completing the 2FA process. My iPhone is receiving the 2FA prompt, which I allow and then type the corresponding code into rclone. rclone exits with Fatal error: validate2FACode failed: HTTP error 412 (412 ) and a long body which doesn’t appear to have any obvious problem in it. I get the email from Apple about successful login from the web, but rclone is not completing enough to store the icloud trust token. I notice I get two 2FA prompts on my phone in this process. First one when client prompts config_2fa> and again when the config process fails out.
I also had this problem and as it was mentioned above the problem was solved with the flag “–user-agent”, but I couldn’t solve it with random string. Instead I used my rclone version like this and it worked:
I had faced the ‘Error 400’ issue after freshly installing rclone v 1.17 on Kubuntu today and trying to configure an iCloud remote using my Apple ID credentials. Just issued the command
and voilá: config preceeded with the 2FA authentication code prompt while I got the permission request popping up in my iPhone, followed by the 6-digit 2FA code. Entered the code at config’s prompt and it finished without any errors, at which time I got a second 2FA permission/code popup on my iPhone which I simply granted/ignored.
Then issued
rclone ls <my remote’s name>: “Numbers/”
for a simple check and all my worksheets in iCloud drive’s Numbers were listed.
I have also successfully mounted the volume using
rclone mount --daemon <my remote’s name>: ./<my new, empty local folder>
and got full access to my iCloud drive’s folders and contents. Now trying to learn how to do this automatically upon reboot (I’m a very novice Linux user).
Loads of thanks to @ArturKlauser and all the rest for the valuable help with this subject!
This worked for me. I didn’t have iCloud set up yet and the setup walkthrough was failing. rclone --user-agent="your-own-random-string" config
let me successfully complete the setup. Thank you.
My iCloud trust token expired. Originally, I used the discovery that compiling from source makes iCloud work with rclone. After Artur found the amazing workaround of specifying a random user agent, that worked for me every time the token expired. Today, somehow, I’m back to getting 400 Bad Request again. No changes to rclone that I can think of - still using the same binary. I did upgrade from Ubuntu 25.04 to 25.10, but I don’t know how relevant that could be.
Can you all still connect to iCloud using the user-agent method? Unsure if it’s something on my end
The bad news is that Apple has apparently blocked this workaround too now, as was pointed out by multiple people over the last few days on the associated rclone issue.
I’ve been left out, too, exactly one month after my first connection. My token has expired and the ‘–user-agent=”xxx” option is not a workaround any more.
Error: HTTP error 400 (400 Bad Request) returned body: "{\"success\":false,\"error\":\"Invalid Session Token\"}"
If Apple only focused more on making a good Siri rather than screwing us up all the time…
Anybody found a way to re-connect with rclone - or with a similar alternative?
