I was able to activate the social login feature of Zammad. The problem I am facing: It works really well for users not being already registered. I require a setup where the admin has full control over the user management and the social login is a feature for the user to ease the interaction with Zammad because they do not have to remember another password.
A user sees the offer to use Google Login (as soon as it is configured in Zammad), uses it and is logged in - no matter if he is a new user or if there is already an existing user account for this email address or not.
Actual behavior:
Google OAuth2 is activated
Zammad authenticates against Google
If the user doesn’t exist everything works finde
If the user exists the error message 422: The change you wanted was rejected. is shown
Steps to reproduce the behavior:
Create a user with an email address for which there is also a Google Account
By the way, this also occurs when receiving mails of to you unknown users. Zammad will automatically create a user account for the user, as it’s technically required for tickets to exist.
You currently can’t forbidd users to create accounts via third party authentications.
Besides, there’s already a feature request on our backlog to address this.
Thank you very much for your reply. I read and tried to understand the cited issue https://github.com/zammad/zammad/issues/2503 and came to the conclusion that this issue only covers the aspect of unwanted registration.
The problem with the error message when an already registered and active user wants to use the social login feature (e.g. Google OAuth2) isn’t addressed there. Am I right? Do you have any further information on that topic? Thank you!
Issue 2503 already is the right issue for that.
Currently it’s missing me bringing it into shape to hold the “disallow registration via third party authentications if disabled”.
I’ve got that on my list.
I can’t provide any further information on that topic, I’m sorry.