Skip to content
This repository was archived by the owner on Apr 26, 2024. It is now read-only.
This repository was archived by the owner on Apr 26, 2024. It is now read-only.

Allow disabling registration via OIDC and only limiting SSO to sign-in #11968

Closed
#14978
Closed
Allow disabling registration via OIDC and only limiting SSO to sign-in#11968
#14978
Labels
S-MinorBlocks non-critical functionality, workarounds exist.T-DefectBugs, crashes, hangs, security vulnerabilities, or other reported issues.
@digitalentity

Description

@digitalentity
digitalentity
opened on Feb 11, 2022

Description:

For some setups that don't allow user registration it may be worthwhile to allow OIDC or OAuth2.0 sign-in for user convenience. However, I haven't found a way to disable creation of new users via OIDC. Sign-in works, but it also enables new users to sign-in to the server freely.

It would be great to change allow_existing_users (or have a new setting) with an enum:

  • no = don't allow sign-in for an existing user
  • yes = allow sign-in for a pre-existing user w/o OIDC mapping
  • only = implies yes, but additionaly restricts the sign-in to match only pre-existing users

Metadata

Metadata

Assignees

No one assigned

    Labels

    S-MinorBlocks non-critical functionality, workarounds exist.T-DefectBugs, crashes, hangs, security vulnerabilities, or other reported issues.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions