I installed openID plugin and our IT configured everything needed (added also username and email claims) but unfortunately every new user must always register first and activate account with the email.
Is there any trick to avoid this and use directly username and email for SSO?
Thank you very much.
Regards,
Daniela
Hi Daniela! Welcome. 
Sounds to me like you need to review your settings. Is the external auth provider one one of the ones with instructions above, or different?
Can you tell me how these settings are set? This is what works for me, using Okta as the external auth provider. I would be careful about deselecting enable_local_logins until everything else is working and you know you are able to log in via openid.
- openid_connect_enabled → SELECTED
- openid_connect_discovery_document →
https://=okta_subdomain=.okta.com/.well-known/openid-configuration- openid_connect_client_id → Client id from Okta App page
- openid_connect_client_secret → Client secret from Okta App page
- openid_connect_overrides_email → SELECTED
- openid_connect_authorize_scope →
openid email profile- enable_local_logins → NOT selected
- enable_local_logins_via_email → NOT selected
- email_editable → NOT selected
- openid connect rp initiated logout → SELECTED
- auth_overrides_email → SELECTED
- auth_overrides_username → SELECTED
- auth_overrides_name → SELECTED
- auth_immediately → SELECTED
- auth_skip_create_confirm → SELECTED
@tobiaseigen Thank you very much for your quick help!
We had missing settings in auth part. It is working properly now.
Thank you.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.