mirror of
https://github.com/zulip/zulip.git
synced 2025-11-01 20:44:04 +00:00
c4bb6509dd
Zulip supports a configuration where account creation is limited solely by being able to authenticate with a single-sign on authentication backend, such as Google Authentication, SAML, or LDAP (i.e., the organization places no restrictions on email address domains or invitations being required to join, but has disabled the EmailAuthBackend that is used for email/password authentication). A bug in the Zulip server meant that Zulip allowed users to create an account in such organizations by confirming their email address, without having an account with the SSO authentication backend. Co-authored-by: Tim Abbott <tabbott@zulip.com>