By default, oauth_allow_remapping_of_existing_users is set to false. This means existing accounts cannot be re-authenticated with a new authentication provider.
This is very confusing to users that have, e.g., existing manual accounts and want to switch to SAML/OIDC, as they have to set this setting through console before being able to move their existing accounts over to the external authentication provider.
The same is true for user accounts created through LDAP sync
https://community.openproject.org/wp/45672
Then, existing users should be able to log in using their OIDC identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or identity provider.
Then, existing users should be able to log in using their OIDC identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or identity provider.
Note that this setting is set to true by default for new installations already.
Then, existing users should be able to log in using their Azure identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or OpenID provider.
Then, existing users should be able to log in using their Azure identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or OpenID provider.
Note that this setting is set to true by default for new installations already.
Then, existing users should be able to log in using their SAML identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or OpenID provider.
Then, existing users should be able to log in using their SAML identity. Note that this works only if the user is using password-based authentication, and is not linked to any other authentication source (e.g. LDAP) or OpenID provider.
Note that this setting is set to true by default for new installations already.
**Q: Could the users be automatically logged in to OpenProject if they are already authenticated at the SAML Identity Provider?**
**Q: Could the users be automatically logged in to OpenProject if they are already authenticated at the SAML Identity Provider?**