Add setting to disable CAS sign up


CAS is a tool for authenticating users on an application. Actually on Rocket.Chat it’s also used for creating accounts, but, there is a problem. We have users on Rocket.Chat.

We want to use CAS for authentificate existing users, so, I have added to users the object CAS in service object like this :


It’s working great I can now login with CAS authentification… Without doing that I had the error message : Account is already existing…

The big problem, we have CAS users that we don’t want to access the chat, but with CAS activated they can create an account without our approval.

The accounts are actually created by LDAP on a specific place… On CAS we have all users.

Steps to reproduce:

Use CAS button to login it works with existing account…
Use CAS button to register it also works… but I don’t want that.

Expected behavior:

Rocket Chat tell : Creating account by CAS is currently disabled by administrator. You can only login in.

Actual behavior:

RocketChat create an account with any CAS…

Server Setup Information:

  • Version of Rocket.Chat Server: 0.71.1
  • Operating System: Ubuntu 18.04
  • Deployment Method: docker ( docker-compose.yml )
  • Number of Running Instances: 1
  • DB Replicaset Oplog:
  • NodeJS Version: v8.11.3
  • MongoDB Version: 3.4.18…

I suggest you and I would like that you add a setting like : Disable CAS Register in CAS settings. To only have CAS login.


I’m agree CAS should be used only to manage the Authentication part, and we should be able to chain with the user backend of our choice (like LDAP).

That’s exactly what we want to do… Sync users with LDAP and authentificate with CAS.

I agree too. I need sync with ldap and authenticate with CAS.


Any news about this feature ?

How can we use CAS and sync users with LDAP ?

As information, I pushed a Pull Request that permit to avoid to create users from CAS auth when you synchronized user from LDAP: