Hello,
I’m looking for a site setting that disables local signups, but maintains OpenID connect new account registrations.
Looking back at user reports from January the majority pointed to a site text This was the error message: New account registrations are not allowed at this time. and would have caused me to enable Allow_new_registrations.
Browsing through all the available settings i can’t see an explicit, registrations allowed via OIDC but not the local site.
I have however used a Data Explorer query to check for any users (acting against ToS of course) using their DevTools to unhide sign up button or selectively disable a JS re-direct;
SELECT
u.id,
u.username,
u.name,
ue.email,
u.active,
u.approved,
u.created_at,
u.last_seen_at
FROM users u
LEFT JOIN user_associated_accounts uaa
ON uaa.user_id = u.id
LEFT JOIN user_emails ue
ON ue.user_id = u.id
AND ue.primary = true
WHERE uaa.user_id IS NULL
AND u.staged = false
ORDER BY u.last_seen_at DESC NULLS LAST, u.created_at DESC
I appreciate that the user acting against my policy, would still need to verify their email address, it’s just that i don’t want user registering that might not have an account in the institution providing me with my OIDC needs.