RC creates new users with custom OAuth even if it was disabled

karabanga · February 9, 2021, 9:51am

Description

My instance of RC imports users from dedicated group of Active Directory.
Users are mapped to guests or users according their membership in AD.
Manual registration is turned off.
Everything ok.
Then I set up RC to use Keycloak as custom OAuth and see that RC is registering users that were not imported from AD.
I’ve found settings in Accounts → Registration:
Registration with Authentication Services - is ignored for custom OAuth
Default Roles for Authentication Services - users, created with custom OAuth respect this setting.
So now I’ve set them to be created as guests. But I think that “Registration with Authentication Services” setting should be respected by custom OAuth. And may be it should be turned off by default.

Server Setup Information

Version of Rocket.Chat Server: 3.9.7
Operating System: Ubuntu 18
Deployment Method: SNAP

Topic		Replies	Views
Custom oAuth setup Community Support	4	1204	February 14, 2019
LDAP auth with bind or must users be imported first? Community Support	2	2213	August 8, 2018
Setting to just allow new users to log in with LDAP? Community Support	2	232	February 27, 2023
User registration is disabled for authentication services [registration-disabled-authentication-services] Community Support	0	767	January 14, 2021
Migration LDAP to Oauth Keyckoak Community Support	0	228	May 15, 2023

Join our Community Open Call tomorrow where we'll share more details regarding recent changes and answer questions about updating your workspace to the latest Rocket.Chat

RC creates new users with custom OAuth even if it was disabled

Description

Server Setup Information

Related Topics