External Authentication ID stopped working #1765

New Issue

Closed

opened 2026-02-05 01:49:04 +03:00 by OVERLORD · 6 comments

OVERLORD commented 2026-02-05 01:49:04 +03:00

Owner

Copy Link

Originally created by @kabaga on GitHub (Jun 14, 2020).

Describe the bug
When LDAP has been enabled, LDAP users are able to login. However, the local admin account with External Authentication ID configured, cannot login.

Steps To Reproduce
Steps to reproduce the behavior:

1. Enabled ldap by editing .env (AUTH_METHOD=ldap)
2. Login to the web UI using the local admin account
3. Will get an error message stating "These credentials do not match our records."

Expected behavior
Step 3 should allow the local admin account to login to the system.

Screenshots
n/a

Your Configuration (please complete the following information):

• Exact BookStack Version (Found in settings): 0.29.3
• PHP Version: PHP 7.3.18
• Hosting Method (Nginx/Apache/Docker): not sure. I am using the linuxserver/docker-bookstack

Additional context
n/a

Originally created by @kabaga on GitHub (Jun 14, 2020). **Describe the bug** When LDAP has been enabled, LDAP users are able to login. However, the local admin account with External Authentication ID configured, cannot login. **Steps To Reproduce** Steps to reproduce the behavior: 1. Enabled ldap by editing .env (AUTH_METHOD=ldap) 2. Login to the web UI using the local admin account 3. Will get an error message stating "These credentials do not match our records." **Expected behavior** Step 3 should allow the local admin account to login to the system. **Screenshots** n/a **Your Configuration (please complete the following information):** - Exact BookStack Version (Found in settings): 0.29.3 - PHP Version: PHP 7.3.18 - Hosting Method (Nginx/Apache/Docker): not sure. I am using the linuxserver/docker-bookstack **Additional context** n/a

OVERLORD closed this issue 2026-02-05 01:49:04 +03:00

OVERLORD commented 2026-02-05 01:49:11 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Jun 21, 2020):

Hi @kabaga,
Just so I understand, On step 2 where you mention a "local admin account", is this an account that exists in your LDAP system?

@ssddanbrown commented on GitHub (Jun 21, 2020): Hi @kabaga, Just so I understand, On step 2 where you mention a "local admin account", is this an account that exists in your LDAP system?

OVERLORD commented 2026-02-05 01:49:16 +03:00

Author

Owner

Copy Link

@kabaga commented on GitHub (Jun 21, 2020):

No, the admin account locally created in Bookstack

@kabaga commented on GitHub (Jun 21, 2020): No, the admin account locally created in Bookstack

OVERLORD commented 2026-02-05 01:49:19 +03:00

Author

Owner

Copy Link

@Dayflare commented on GitHub (Jun 26, 2020):

to login with the standard bookstack authentication system you need to change AUTH_METHOD=standard
if you set it to ldap it always tries to authenticate with the ldap server.

@Dayflare commented on GitHub (Jun 26, 2020): to login with the standard bookstack authentication system you need to change AUTH_METHOD=standard if you set it to ldap it always tries to authenticate with the ldap server.

OVERLORD commented 2026-02-05 01:49:22 +03:00

Author

Owner

Copy Link

@kabaga commented on GitHub (Jun 27, 2020):

to login with the standard bookstack authentication system you need to change AUTH_METHOD=standard
if you set it to ldap it always tries to authenticate with the ldap server.

I should be able to use the local account because it has admin privilege. To get the local account to work with ldap, the External Authentication ID should be enabled. https://www.bookstackapp.com/docs/admin/ldap-auth/

@kabaga commented on GitHub (Jun 27, 2020): > to login with the standard bookstack authentication system you need to change AUTH_METHOD=standard > if you set it to ldap it always tries to authenticate with the ldap server. I should be able to use the local account because it has admin privilege. To get the local account to work with ldap, the External Authentication ID should be enabled. https://www.bookstackapp.com/docs/admin/ldap-auth/

OVERLORD commented 2026-02-05 01:49:26 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Jun 28, 2020):

Hi @kabaga,
Since you're getting ""These credentials do not match our records." I'd imagine one of the following is true:

• The credentials you're using to login are wrong.
• The configured LDAP user search does not match any users for the username you're giving.
• A user is being matched but the details are already in use (Maybe email) for a user that does not have a matching external auth id.

Does LDAP login work for other LDAP accounts?
If so, and it's only this admin account you're having issues with, You could try removing any common details, with the LDAP user, from the BookStack admin user, including clearing the "External Auth ID". Then, with LDAP enabled, login as the intended LDAP account to create the account with the right settings, then log back in with standard authentication to promote that new "admin" LDAP user.

@ssddanbrown commented on GitHub (Jun 28, 2020): Hi @kabaga, Since you're getting ""These credentials do not match our records." I'd imagine one of the following is true: - The credentials you're using to login are wrong. - The configured LDAP user search does not match any users for the username you're giving. - A user is being matched but the details are already in use (Maybe email) for a user that does not have a matching external auth id. Does LDAP login work for other LDAP accounts? If so, and it's only this admin account you're having issues with, You could try removing any common details, with the LDAP user, from the BookStack admin user, including clearing the "External Auth ID". Then, with LDAP enabled, login as the intended LDAP account to create the account with the right settings, then log back in with `standard` authentication to promote that new "admin" LDAP user.

OVERLORD commented 2026-02-05 01:49:29 +03:00

Author

Owner

Copy Link

@kabaga commented on GitHub (Jul 13, 2020):

Hi,
Sorry for the late reply. In the Bookstack settings, I was using the email login when it was failing. Everything seems to be working as intended. The problem is more of a user error.

Thanks!

@kabaga commented on GitHub (Jul 13, 2020): Hi, Sorry for the late reply. In the Bookstack settings, I was using the email login when it was failing. Everything seems to be working as intended. The problem is more of a user error. Thanks!

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

further_theme_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1765