iclouddrive: replace plaintext signin with SRP authentication #9209

Open
mikegillan wants to merge 7 commits into rclone:master from mikegillan:master

Conversation

@mikegillan

Summary

  • Replace the deprecated /appleauth/auth/signin plaintext endpoint with Apple's SRP-6a (Secure Remote Password) protocol
  • Implement the full SRP handshake: authStart → authFederate → signin/init → signin/complete
  • Add SRP crypto implementation (RFC 5054 2048-bit group, SHA-256, Apple's NoUserNameInX variant)
  • Support both s2k and s2k_fo password derivation protocols
  • Update auth headers for idmsa.apple.com (X-Apple-Auth-Attributes, X-Apple-Frame-Id, correct Origin/Referer)
  • 2FA and trust token flow unchanged

Apple deprecated the old signin endpoint and now blocks it, causing "Invalid Session Token" errors for all users once their trust token expires. This affects everyone — the issue has 119 comments and counting.

Fixes #8587

Test plan

  • go build ./backend/iclouddrive/... compiles
  • go vet ./backend/iclouddrive/... passes (no new warnings)
  • go test ./backend/iclouddrive/... — existing tests pass
  • 11 new unit tests for SRP crypto in api/srp_test.go — all pass
  • Manual test: rclone config → SRP handshake completes → 2FA prompt → trust token saved
  • Manual test: rclone lsd iCloudDrive: lists directories after auth

Checklist

  • I have read the contribution guidelines.
  • I have added tests for all changes in this PR if appropriate.
  • I have added documentation for the changes if appropriate.
  • All commit messages are in house style.
  • I'm done, this Pull Request is ready for review :-)
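The s2k / s2k_fo split listed in the summary above, as an added Go example (not code from this PR): signin/init returns a salt, an iteration count and a protocol name, and this derives the bytes that SRP then treats as the password. The hex-encoding step for s2k_fo and the 32-byte output length follow other open-source iCloud clients and are assumed rather than taken from the PR; the sample inputs are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
)

// pbkdf2SHA256 is PBKDF2 with HMAC-SHA-256 (RFC 8018 section 5.2), written out
// here so the example needs nothing outside the standard library.
func pbkdf2SHA256(password, salt []byte, iterations, dkLen int) []byte {
	var out []byte
	for block := uint32(1); len(out) < dkLen; block++ {
		mac := hmac.New(sha256.New, password)
		mac.Write(salt)
		binary.Write(mac, binary.BigEndian, block) // INT(i), big-endian
		u := mac.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iterations; i++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:dkLen]
}

// deriveSRPPassword turns the Apple ID password into the bytes handed to SRP as P.
// Apple's signin/init reply carries salt, iteration count and protocol, which is
// either "s2k" (PBKDF2 over the raw SHA-256 digest of the password) or "s2k_fo"
// (the same, but the digest is hex-encoded as text before PBKDF2). The s2k_fo
// hex step and the 32-byte length mirror other open-source iCloud clients and
// are assumptions about this PR's implementation, not taken from it.
func deriveSRPPassword(password string, salt []byte, iterations int, protocol string) []byte {
	digest := sha256.Sum256([]byte(password))
	p := digest[:]
	if protocol == "s2k_fo" {
		p = []byte(hex.EncodeToString(p))
	}
	return pbkdf2SHA256(p, salt, iterations, 32)
}
```

Using an app-specific password here produces a P that never matches the verifier Apple enrolled, which is why the thread's later reports say only the real Apple ID password works.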

Apple deprecated the legacy /appleauth/auth/signin endpoint and now
blocks it with 503 responses. Replace it with Apple's SRP-6a variant
(federate, signin/init, signin/complete) which never transmits the
password. The 2FA and trust token flow remains unchanged.

Apple has deprecated the legacy /appleauth/auth/signin endpoint and
now blocks it, causing "Invalid Session Token" errors for all users
when their trust token expires. The browser login flow now requires
SRP (Secure Remote Password), a cryptographic handshake that never
transmits the password.

Replace Session.SignIn() with a multi-step SRP-6a flow:
1. authStart - initialize session at /authorize/signin
2. authFederate - submit account name to /federate
3. authSRPInit - exchange client public value for salt/B at /signin/init
4. authSRPComplete - send M1/M2 proofs to /signin/complete

The SRP implementation uses the RFC 5054 2048-bit group with SHA-256
and Apple's NoUserNameInX variant. Password derivation supports both
s2k and s2k_fo protocols via SHA-256 + PBKDF2.

The 2FA and trust token flow is unchanged. Auth headers for all
idmsa.apple.com requests now include X-Apple-Auth-Attributes,
X-Apple-Frame-Id, and use Origin/Referer of https://idmsa.apple.com.

Fixes rclone#8587
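The four-step flow in the commit message above, as an added Go example that is not the PR's code: the SRP-6a arithmetic behind signin/init (A out, salt and B back) and signin/complete (M1 out, M2 back), with the server side simulated so the exchange can be checked offline. The x = H(salt | H(P)) layout for the NoUserNameInX variant and the RFC 5054 padding inside k and u are assumptions; the user name, password bytes and salt are constructed.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/sha256"
	"math/big"
)

// RFC 5054 2048-bit group (Appendix A), generator 2, the group the PR says it uses.
var srpN, _ = new(big.Int).SetString(
	"AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50"+
		"E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773B"+
		"CA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6"+
		"AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB694B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F9E4AFF73", 16)
var srpG = big.NewInt(2)

// h is SHA-256 over the concatenation of its arguments.
func h(parts ...[]byte) []byte { d := sha256.New(); for _, p := range parts { d.Write(p) }; return d.Sum(nil) }

// pad is RFC 5054's PAD (left-pad to the 256-byte group size), used inside k and u.
func pad(x *big.Int) []byte              { return x.FillBytes(make([]byte, 256)) }
func toInt(b []byte) *big.Int            { return new(big.Int).SetBytes(b) }
func modExp(base, exp *big.Int) *big.Int { return new(big.Int).Exp(base, exp, srpN) }

// srpHandshake runs the client and a simulated server offline; both pw arguments are
// s2k/s2k_fo-derived bytes. x = H(salt | H(pw)) omits the username (NoUserNameInX; the
// exact byte layout is an assumption). Returns M1/M2 verification and key agreement.
func srpHandshake(user string, enrolledPw, typedPw, salt []byte) (proofsOK, sameKey bool) {
	k := toInt(h(pad(srpN), pad(srpG)))
	v := modExp(srpG, toInt(h(salt, h(enrolledPw)))) // verifier the server stored at enrolment
	a, _ := rand.Int(rand.Reader, srpN)
	b, _ := rand.Int(rand.Reader, srpN)
	A := modExp(srpG, a) // client -> server in signin/init
	B := new(big.Int).Add(new(big.Int).Mul(k, v), modExp(srpG, b))
	B.Mod(B, srpN) // server -> client together with the salt
	u := toInt(h(pad(A), pad(B)))
	// Client: S = (B - k*g^x)^(a + u*x); server: S = (A * v^u)^b; K = H(S).
	x := toInt(h(salt, h(typedPw)))
	cb := new(big.Int).Sub(B, new(big.Int).Mul(k, modExp(srpG, x)))
	Kc := h(pad(modExp(cb.Mod(cb, srpN), new(big.Int).Add(a, new(big.Int).Mul(u, x)))))
	sb := new(big.Int).Mul(A, modExp(v, u))
	Ks := h(pad(modExp(sb.Mod(sb, srpN), b)))
	// signin/complete: client sends M1 = H(H(N) xor H(g) | H(I) | s | A | B | K);
	// the server checks it against its own K and answers M2 = H(A | M1 | K).
	hNg := h(srpN.Bytes())
	for i, c := range h(srpG.Bytes()) { hNg[i] ^= c }
	M1 := h(hNg, h([]byte(user)), salt, A.Bytes(), B.Bytes(), Kc)
	serverOK := bytes.Equal(M1, h(hNg, h([]byte(user)), salt, A.Bytes(), B.Bytes(), Ks))
	M2 := h(A.Bytes(), M1, Ks)
	return serverOK && bytes.Equal(M2, h(A.Bytes(), M1, Kc)), bytes.Equal(Kc, Ks)
}
```

The password bytes never leave the client: only A, M1 go out and salt, B, M2 come back, which is what "never transmits the password" means above.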
@ncw
Member

ncw commented Feb 25, 2026

@mikegillan thanks for fixing this. I just ran the CI - looks like there are some lint things to fix.

I gave it a quick review and it looks great. It looks like it has had some testing from users - do you know how many people have tried the new code?

@mikegillan
Author

@mikegillan thanks for fixing this. I just ran the CI - looks like there are some lint things to fix.

I gave it a quick review and it looks great. It looks like it has had some testing from users - do you know how many people have tried the new code?

I don't know, but there have been at least two people in the issue chat reporting that it worked for them. I think most users would be waiting for a nightly build to test it out since they might not have the ability to build locally. Is it possible to give a temp build to users who have indicated interest in the issue?

This is my first time contributing to a public project like this (I've only ever done corporate development) so please forgive me if I'm suggesting something stupid here.

@mikegillan
Author

I've corrected the formatting on the imports, which should clear the linter errors.

@Unbounded6106

I had to build the Windows version to generate the config file. On the Linux amd64 version, when I tried to configure iCloud, I was still getting the “Invalid Session Token” error. In the config file created on Linux, the “cookies” and “trust_token” fields were not being populated.

By creating the config file on Windows and importing it into Linux, everything works without any issues.

@mikegillan
Author

Hi @ncw I see there's a build issue with Windows that doesn't look related to any of my changes. Is there anything else I can do to get this ready for merge? Over on the issue page there have been a few people asking how they can get their hands on it, so now I feel a responsibility to see this through. Please let me know if there's anything I can do to help. Thanks!

@zirkuswurstikus

Hello,
kudos to @mikegillan.
I successfully built rclone on Apple Silicon.

mkdir -p /tmp/rclone
cd /tmp/rclone
git clone https://github.com/rclone/rclone.git .
git fetch origin pull/9209/head:pr-9209
git checkout pr-9209
GOOS=darwin GOARCH=arm64 CGO_ENABLED=0 go build -trimpath -ldflags='-s -w' -o build/rclone-pr9209-darwin-arm64 ./ 
rclone version   
rclone v1.74.0-DEV
- os/version: darwin 26.2 (64 bit)
- os/kernel: 25.2.0 (arm64)
- os/type: darwin
- os/arch: arm64 (ARMv8 compatible)
- go/version: go1.25.6
- go/linking: static
- go/tags: none

To authenticate, use your Apple ID password. App passwords do not work.

Thanks,
ZirkusWurstikus

@zirkuswurstikus

Sidenote:
Successfully built for my good old Synology DS218

Linux syentology 3.10.108 #42962 SMP Tue Jul 29 14:26:48 CST 2025 armv7l GNU/Linux synology_armada38x_ds218j
rclone v1.74.0-DEV
- os/version: unknown
- os/kernel: 3.10.108 (armv7l)
- os/type: linux
- os/arch: arm (ARMv7 compatible)
- go/version: go1.25.7
- go/linking: static
- go/tags: none

@weskoop

weskoop commented Mar 2, 2026

Compiled this PR tonight, it's working great. Effortless connection, Apple couldn't have made it easier.

Mounted a folder of notes, no issues either way.

~
❯ opt/rclone/rclone version
rclone v1.74.0-DEV
- os/version: cachyos (64 bit)
- os/kernel: 6.19.5-3-cachyos (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.26.0-X:nodwarf5
- go/linking: dynamic
- go/tags: none

Appreciate the hard work, both the pr and rclone project!

@zirkuswurstikus

zirkuswurstikus commented Mar 2, 2026

Compiled this PR tonight, it's working great. Effortless connection, Apple couldn't have made it easier.

Did you run across the cosmetic issue that it authenticates twice? From what I see, the code first authenticates and then runs it again for testing access.

@harijay

harijay commented Mar 2, 2026

Hi all, great to hear this is working. I tried with my own Apple ID and password and get a 400. Would love to know the process to set it up? I tried
New remote
Apple Id : myappleid@icloud.com
y ( Type in my own password)
passwd: Entered in my apple id password
passwd: Entered in my apple id password
n ( no advanced config)

And I get this error:

Option password.
Password.
Choose an alternative below.
y) Yes, type in my own password
g) Generate random password
y/g> y
Enter the password:
password:
Confirm the password:
password:

Edit advanced config?
y) Yes
n) No (default)
y/n> 

Error: HTTP error 400 (400 Bad Request) returned body: "{\"success\":false,\"error\":\"Invalid Session Token\"}"

@zirkuswurstikus

zirkuswurstikus commented Mar 2, 2026

Hi All Great to hear this is working. I tried with my own apple id and password and get a 400. Would love to know the process to set it up ? I tried New remote Apple Id : myappleid@icloud.com y ( Type in my own password) passwd: Entered in my apple id password passwd: Entered in my apple id password n ( no advanced config)

What's your output of rclone version?

@seanbarney

Hello. Thank you to @mikegillan for this PR. I am also on Apple Silicon and followed the build steps laid out by @zirkuswurstikus. I can confirm this has worked for me as well.

This fixes China mainland iCloud authentication by deriving the Origin
and Referer headers from authEndpoint instead of hardcoding idmsa.apple.com.

Fixes compatibility with PR rclone#8818 (China region support) and PR rclone#9209
(SRP authentication).

Signed-off-by: Xiangzhe <xiangzhedev@gmail.com>
@xz-dev

xz-dev commented Mar 3, 2026

Nice job. I added more functionality to let it work with #8818.

If it looks fine to you, please merge it. Thank you @mikegillan

@nmoura

nmoura commented Mar 3, 2026

Just compiled this PR on Apple Silicon (M2 Air), mounted a directory and read a file without issues.

~/go/bin$ ./rclone version
rclone v1.74.0-DEV
- os/version: fedora 42 (64 bit)
- os/kernel: 6.18.10-402.asahi.fc42.aarch64+16k (aarch64)
- os/type: linux
- os/arch: arm64 (ARMv8 compatible)
- go/version: go1.25.7 X:nodwarf5
- go/linking: dynamic
- go/tags: none

Thanks, @mikegillan for this PR and all maintainers for this project.

@harijay

harijay commented Mar 4, 2026

Hi all,
The same flow consistently fails on Linux with what's below. Generated by CLAUDE, confirmed by me.

The error is the same as before:

Error: HTTP error 400 (400 Bad Request) returned body: {"success":false,"error":"Invalid Session Token"}

Environment:

  • OS: Ubuntu 24.04 (Linux x86_64)
  • rclone: v1.73.1 and v1.74.0-beta

Observations:

  • SRP handshake appears to complete (password is accepted, no credential error)
  • Failure occurs at the session token validation step on Apple's servers
  • Identical Apple ID and app-specific password work via the browser-based cookie workaround
  • iCloud prerequisites confirmed: ADP off, "Access iCloud Data on the Web" on

Hypothesis:
Apple may be fingerprinting the SRP session request and rejecting it based on platform/user-agent characteristics specific to the Linux client, or there is a subtle difference in the SRP implementation that only manifests on Linux.

Workaround: Browser-based cookie extraction via icloud_cookie_extractor.sh (see #8587).

@zirkuswurstikus

zirkuswurstikus commented Mar 4, 2026

@harijay according to your post you are using a 1.74-BETA. Did you follow the provided instructions to build rclone?

Run this and paste the output:

mkdir -p /tmp/rclone
cd /tmp/rclone
git clone https://github.com/rclone/rclone.git .
git fetch origin pull/9209/head:pr-9209
git checkout pr-9209
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -trimpath -ldflags='-s -w' -o build/rclone-pr9209-linux-amd64 ./

rclone version

@harijay

harijay commented Mar 4, 2026

Thanks @zirkuswurstikus. I didn't notice that AI pulled from the beta branch instead of the PR. It is all working now. Was super thrilled when the 2FA popped up on my phone. I had been trying to get this functionality for months now.

You all rock!!

Hari

Here is the CLAUDE message

Update: Works on Linux when built directly from this PR branch

After being prompted by @zirkuswurstikus to build from the PR branch rather than using the beta release, I can confirm SRP auth works on Linux.

Build used:
rclone v1.74.0-DEV

  • os/version: ubuntu 24.04 (64 bit)
  • os/kernel: 6.17.0-14-generic (x86_64)
  • go/version: go1.25.0

Built with:
git fetch origin pull/9209/head:pr-9209
git checkout pr-9209
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -trimpath -ldflags='-s -w' -o build/rclone-pr9209-linux-amd64 ./

Key finding: You must use your real Apple ID password, not an app-specific password. The SRP handshake requires the real password for the cryptographic exchange. Previous failures (including my earlier report of authSRPComplete: sign in failed: 401) were caused by using an app-specific password via rclone config create non-interactively.

The interactive rclone config flow correctly prompted for the 2FA code sent to my phone, completed the SRP handshake, and stored session cookies. rclone lsd successfully listed my iCloud Drive.


@mikegillan
Author

mikegillan commented Mar 4, 2026 via email

Refactor SRP auth headers to use dynamic origin
@mikegillan
Author

Thanks to @xz-dev for the fix for mainland China, this should work for everyone now. We just need someone to approve it!

Lyapsus added a commit to Lyapsus/rclone that referenced this pull request Mar 5, 2026
Add read-only iCloud Photos support via `service = photos` config.
Lists photo libraries (Personal + Shared), albums (11 smart + user),
and photos/videos. Downloads via CloudKit URLs.

Based on @coughlanio's PoC (rclone#8734). SRP auth from @mikegillan's rclone#9209.

Photos changes from rclone#8734:
- Fix Storable() (was false, broke transfers)
- Fix List() dir entry paths (missing parent prefix)
- Fix Open(): fshttp.NewClient, shouldRetry, FixRangeOption
- Fix SetModTime: fs.ErrorCantSetModTime
- Add ctx propagation, sync.Mutex, photo name cache
- Add Root() encoding, stable timestamps, DirCacheFlush, ErrorIsFile
- Add compile-time interface checks
- Add batched album count queries

SRP changes from rclone#9209:
- Replace deprecated /signin with SRP-6a protocol
- Add SRP crypto (RFC 5054 2048-bit, SHA-256)
- Update auth headers for idmsa.apple.com

Fixes rclone#7982
@JoshPaterson

This worked for me as well. Thank you to all who worked on it!

OS: Ubuntu 22.04 (64 bit)
Kernel: 5.15.0-171-generic (x86_64)
Architecture: amd64
Go version: go1.25.3
Build command: CGO_ENABLED=0 go build -trimpath -ldflags='-s -w' -o rclone ./

@Lyapsus

Lyapsus commented Mar 7, 2026

@JoshPaterson would you mind also looking at #8734? It should hopefully add photos support!

@JoshPaterson

I am receiving two different types of errors for files that are in folders that were shared to me by someone else. Files that I shared from my account to others don't have errors.

  • Subfolders within folders that were shared with me had "HTTP 400 Bad Request" errors
  • Files within folders shared with me had "RootURL not set" errors.

Please let me know if you'd like more information about these errors or the files that caused them.


Development

Successfully merging this pull request may close these issues.

Invalid Session Token while connecting to iCloud