Third-Party Applications

Third party authentication is a great way to help your users to login to Zammad more easily. If the account is yet unknown, Zammad will create a new user automatically, without the user needed to interact (e.g. type in his name). Another big advantage of this feature is that your user doesn’t need to remember another password.

You can deactivate logging in via Password Login if any of the mentioned authentication providers are enabled in your instance.

Note

We’re currently missing documentation for the following login providers:

  • LinkedIn

  • Weibo

Automatic Account Linking Notification

To improve security and your users awareness, you can enable Zammad to notify your users when a new third-party application has been linked to their account.

This notification is sent out once per third-party application. Zammad does also mention the method used, e.g.: Microsoft.

By default this setting is not active (set to no).

Screenshot showing sample notification mail after initial third-party linking

X

Note

This notification is only sent if the account in question already exists. If the login via the third-party also creates the missing account, the notification will be skipped.

This means it only affects:

  • manual account linking within the third-party page of the users profile

  • logging into an existing local account by utilizing the automatic account link on initial logon functionality

Screenshot showing the "automatic account linking notification" setting

No User Creation on Logon

By default, Zammad will create a new user account if the user logs in via a third-party application and the account doesn’t exist yet.

If you want to prevent Zammad from creating new accounts on logon, you can disable this feature by setting No user creation on logon to yes.

Screenshot showing the "no user creation on logon" setting