External Authentication Account Activation

Dear Support,

What does this option do actually? There are two options:

  • Automatic activation of external accounts
  • Manual activation of external accounts

Suppose our Rhodecode server is configured to authenticate against ldap. What would be the situation if a new user logs in for the first time if this option is on “Automatic…”, and what will happen if this is on “Manual…”.


I’m also puzzled by this setting. I tried both options, and the behavior is the same: LDAP users can successfully login and it does create a new User on first-time logins, but they can use RhodeCode right away as any other user, without any activation step.

This setting is for a registration option. It means it applies for users who register using the registration form. Since LDAP is authentication option only we assume if user is able to log-in correctly via LDAP, he’s an activated account already.

Registration form can be open, so anyone can be register, this option allows manually activating account that do so.

I’m still confused. In my mind, what you describe is the “Registration” setting, that can be “Disabled”, “Allowed with manual account activation” or “Allowed with automatic account activation”. What’s the difference with the setting “External Authentication Account Activation”, then?

When using SAML or Oauth (e.g OneLogin, or Github) Users still need to fill in the registration to bind account. This is considered “external” account

1 Like