OIDC / Azure Login Conflict #4281

Closed
opened 2026-02-05 08:25:12 +03:00 by OVERLORD · 2 comments
Owner

Originally created by @muhzak on GitHub (Oct 30, 2023).

Describe the Bug

I am not sure if this is a bug, but we had Microsoft Azure login set up.

We want to either migrate to OIDC or keep both. Once OIDC was set up, when we try to login with it for users that already are signed up it says:

"A user with the email ***[email protected] already exists but with different credentials.".

Should it not just let us login with that user if the authentication passes? Please note Azure login still works, but OIDC does not.

Steps to Reproduce

  1. Set up Microsoft Azure login
  2. Create a user and login as them.
  3. Set up OIDC and try to login with the same user -> bug should occur.

Expected Behaviour

I should be able to login with Azure or OIDC etc. Currently Azure does work.

Screenshots or Additional Context

No response

Browser Details

MacOS

Exact BookStack Version

BookStack v23.08.3

OVERLORD added the 🐛 Bug label 2026-02-05 08:25:12 +03:00

@ssddanbrown commented on GitHub (Oct 30, 2023):

> Should it not just let us login with that user if the authentication passes?

No, I'd expect the error you're seeing. BookStack will be cautious in this scenario and when it finds there's already a user of the same email, but that user does not match the external auth account identifier, it'll show that warning, and not do any kind of auto-mapping/acceptance to err on the side of caution.

You can find a section on this in our docs here ("Switching to OIDC with Existing Users" section):
https://www.bookstackapp.com/docs/admin/oidc-auth/#switching-to-oidc-with-existing-users

And I also touch on this field in my video here at about the 16:10 mark:
https://foss.video/w/n67qNijhf8BdTRQys8SDYf?start=16m10s
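
The check described in the comment above, as a simplified model added here (not BookStack's code and not part of the original comment): a login is resolved by the provider's account identifier, and an email match alone is refused rather than auto-linked. `User`, `resolve_login`, `LoginRefused` and all sample values are hypothetical and constructed for illustration; the final step, where an administrator updates the stored identifier, is an assumption about the migration, so follow the linked docs section for the actual procedure.

```python
from dataclasses import dataclass


@dataclass
class User:
    email: str
    external_auth_id: str  # identifier the auth provider issued for this account


class LoginRefused(Exception):
    """Raised when an external login collides with an existing email."""


def resolve_login(users, provider_id, email):
    """Map an authenticated external identity to a local user, or refuse."""
    # 1. The provider's account identifier is the only thing trusted for matching.
    for user in users:
        if user.external_auth_id == provider_id:
            return user
    # 2. Same email but a different identifier: do not auto-map, refuse instead.
    for user in users:
        if user.email.lower() == email.lower():
            raise LoginRefused(
                f"A user with the email {email} already exists "
                "but with different credentials."
            )
    # 3. Neither identifier nor email is known: register a new user.
    new_user = User(email=email, external_auth_id=provider_id)
    users.append(new_user)
    return new_user


def demo():
    # Constructed sample data: one user created through the first provider.
    users = [User("alice@example.com", "first-provider-id-1111")]
    outcomes = []
    try:
        resolve_login(users, "oidc-id-9999", "alice@example.com")
        outcomes.append("linked")
    except LoginRefused:
        outcomes.append("refused")  # the situation reported in this issue
    # Assumed admin step: point the stored identifier at the OIDC identity.
    users[0].external_auth_id = "oidc-id-9999"
    linked = resolve_login(users, "oidc-id-9999", "alice@example.com")
    outcomes.append("linked" if linked is users[0] else "mismatch")
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The email-only match is refused because the email value is whatever the newly configured provider asserts, so linking on it would grant an existing account on that provider's word alone.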


@muhzak commented on GitHub (Oct 31, 2023):

Wow, not sure how I missed that. Thank you!

Reference: starred/BookStack#4281