Auto approve email domains still requires staff approval

I am using SAML for login for our internal users and enabled:

  • must approve users
  • auto approve email domains (with our domain)

When my users are trying to log in, they still have to wait for approval by staff. I was not expecting this behaviour based on the wording of the settings.

As we are in the trial phase, that is not a problem, but when expanding that will be an annoyance (still not a big deal, but an annoyance).
We are using 2.9.0.beta4.

I’ve just tried to replicate this on my test site (no SAML), and it worked as expected, which may make it an SSO thing?

  • Enabled must approve users
  • Added “jammydodger.monster” to auto approve email domains
  • Signed up new test user with email “test_fourteen@jammydodger.monster”
  • Test user received activation email, followed link, and arrived on site with no additional approval needed
    (I also tested with a gmail address as a control, and that one needed approval)

I’m not sure if they are related—but, I was wondering if you had these two commits on your test site:

My test site is currently on 17227e9e53, so should include those commits. :+1:

What version are you using @Jonathan_Poyer?

I’ve now upgraded to latest (I had not). I will have to wait until Monday to get someone else to test as I don’t have the hand on adding a new user.
Will keep you informed.

@Jonathan_Poyer Can I confirm that this is not something that changed with a recent update? From my investigation, it looks like DiscourseConnect has never supported auto approve email domains, which is a bug. The bug will be fixed by “FIX: DiscourseConnect login did not auto approve based on email domain” by tgxworld (Pull Request #17006, discourse/discourse).

I have deployed the latest version available today (7da074d5). I have the following configured:

  • must_approve_users: true
  • auto approve email domains: mydomain.com
  • SAML configured

I have asked a user, but I still see them as pending “Needs approval”.

I think @tgxworld’s fix was for DiscourseConnect and not SAML, which may explain why your site is still experiencing the issue. Is a fix for SAML on the cards too @tgxworld?