Allow silent registration when LDAP is enabled and using Social Login #482

New Issue

OVERLORD · 2026-02-04T20:30:34+03:00

OVERLORD commented

2026-02-04 20:30:34 +03:00

Originally created by @tuaris on GitHub (Oct 26, 2017).

I know this comes off initially as an odd request: allowing silent registration when LDAP is enabled and using something like Google SSO. However there is a use case for it.

Consider a case where originally users where signing in using LDAP and the application is later configured to use SSO. Obviously in a business type setting, registrations would be limited to a single domain. Thus it does make sense to continue allowing LDAP user to sign in with the option to link there Google account.

There may also be cases where not all users are present in LDAP but are present in Google. Again, in a business setting, the registration domain would be limited.

Expected Behavior

LDAP log-in is enabled, registration is enabled and limited to a domain.
Existing LDAP users can continue to sign in.
Existing LDAP user can link the Google account
User can now sign in using Google or LDAP.
New users attempt to log in using Google (the registration page would still be disabled)
New user is automatically registered.

Current Behavior

When Google SSO is enabled, and LDAP login is enabled, new users are unable to login/create account.

Steps to Reproduce

Enable Google SSO
Attempt to register as new user

Originally created by @tuaris on GitHub (Oct 26, 2017). I know this comes off initially as an odd request: allowing silent registration when LDAP is enabled and using something like Google SSO. However there is a use case for it. Consider a case where originally users where signing in using LDAP and the application is later configured to use SSO. Obviously in a business type setting, registrations would be limited to a single domain. Thus it does make sense to continue allowing LDAP user to sign in with the option to link there Google account. There may also be cases where not all users are present in LDAP but are present in Google. Again, in a business setting, the registration domain would be limited. ##### Expected Behavior LDAP log-in is enabled, registration is enabled and limited to a domain. Existing LDAP users can continue to sign in. Existing LDAP user can link the Google account User can now sign in using Google or LDAP. New users attempt to log in using Google (the registration page would still be disabled) New user is automatically registered. ##### Current Behavior When Google SSO is enabled, and LDAP login is enabled, new users are unable to login/create account. ##### Steps to Reproduce Enable Google SSO Attempt to register as new user

OVERLORD added the 🛠️ Enhancement label 2026-02-04 20:30:34 +03:00

OVERLORD closed this issue

2026-02-04 20:30:36 +03:00

OVERLORD commented

2026-02-04 20:30:41 +03:00

@ssddanbrown commented on GitHub (Sep 21, 2018):

Thanks for this request @tuaris.

As mentioned in your related issue here: https://github.com/BookStackApp/BookStack/issues/574#issuecomment-423613126

This will now generally be possible to do as of the next release therefore I will close this.

@ssddanbrown commented on GitHub (Sep 21, 2018): Thanks for this request @tuaris. As mentioned in your related issue here: https://github.com/BookStackApp/BookStack/issues/574#issuecomment-423613126 This will now generally be possible to do as of the next release therefore I will close this.

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#482