diff --git a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
index 5cf37e6e1..2f23916cd 100644
--- a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
+++ b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php
@@ -92,7 +92,8 @@ class SnappyMailHelper
 				if ($doLogin && $aCredentials[1] && $aCredentials[2]) {
 					try {
 						$ocSession = \OC::$server->getSession();
-						if ($ocSession->get('is_oidc')) {
+						if (true === $aCredentials[2]) {
+							// OIDC
 							$pwd = new \SnappyMail\SensitiveString($aCredentials[1]);
 							$oAccount = $oActions->LoginProcess($aCredentials[1], $pwd);
 							if ($oAccount) {
@@ -102,7 +103,7 @@ class SnappyMailHelper
 							$oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]);
 							if ($oAccount && $oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DefaultOff) === \RainLoop\Enumerations\SignMeType::DefaultOn) {
 								$oActions->SetSignMeToken($oAccount);
-							}	
+							}
 						}
 					} catch (\Throwable $e) {
 						// Login failure, reset password to prevent more attempts
@@ -155,9 +156,9 @@ class SnappyMailHelper
 			if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) {
 				if ($ocSession->get('is_oidc')) {
 					// IToken->getPassword() ???
-					if ($sAccessToken = $ocSession->get('oidc_access_token')) {
+					if ($ocSession->get('oidc_access_token')) {
 						$sEmail = $config->getUserValue($sUID, 'settings', 'email');
-						return [$sUID, $sEmail, $sAccessToken];
+						return [$sUID, $sEmail, true];
 					}
 					\SnappyMail\Log::debug('Nextcloud', 'OIDC access_token missing');
 				} else {
diff --git a/plugins/nextcloud/index.php b/plugins/nextcloud/index.php
index 3bf4d65db..68cc1fe65 100644
--- a/plugins/nextcloud/index.php
+++ b/plugins/nextcloud/index.php
@@ -109,6 +109,7 @@ class NextcloudPlugin extends \RainLoop\Plugins\AbstractPlugin
 		 && \OC::$server->getSession()->get('is_oidc')
 		 && $sNcEmail === $oSettings->username
 		 && !$bAccountDefinedExplicitly
+		 && $oAccount instanceof \RainLoop\Model\MainAccount
 //		 && $oClient->supportsAuthType('OAUTHBEARER') // v2.28
 		) {
 			$sAccessToken = \OC::$server->getSession()->get('oidc_access_token');