Third party authentication is a great way to help your users to login to Zammad
more easily. If the account is yet unknown, Zammad will create a new user
automatically, without the user needed to interact (e.g. type in his name).
Another big advantage of this feature is that your user doesn’t need to remember
We’re currently missing documentation for the following login providers:
You can deactivate logging in via Password Login if any
of above mentioned authentication providers are enabled in your instance.
Automatic account link on initial logon
In general there’s two possible options for Zammad on how to deal with
already known users as they try to authenticate against a third-party
application. By default, Zammad will not automatically link “unknown”
authentication providers to existing accounts.
This means that the user has to manually link authentication providers to their
accounts (for more about this
consult the user documentation).
Sometimes this doesn’t come in handy as this also means you’ll receive
error messages about “email address being in use already” for (yet) unknown
third-party authentication methods.
If you want to allow your users to always be able to log in, no matter what,
you may want to enable
Automatic account link on initial logon.
Automatic account linking notification
To improve security and your users awareness, you can enable Zammad to
notify your users when a new third-party application has been linked to their
This notification is sent out once per third-party application.
Zammad does also mention the method used, e.g.:
By default this setting is not active (set to
This notification is only sent if the account in question already exists.
If the login via the third-party also creates the missing account,
the notification will be skipped.
This means it only affects: