oCIS LDAP Login via E-Mail


I’ve successfully set up oCIS with an LDAP backend and I can log in via username and password. I’d like to be able to log in using either the username or the e-mail address.

Therefore, I removed IDP_LDAP_LOGIN_ATTRIBUTE: "uid" and instead added LDAP_LOGIN_ATTRIBUTES: "uid,mail", but I can still only log in with the username.

Any ideas how to solve this?


Unfortunately, the built-in IDP (lico) currently only allows using a single attribute as the login attribute. You might want to open a feature request on GitHub to enhance that.

Or use Keycloak as IDP together with openLDAP …


Thanks for the information. It’s good to know that it’s supported by oCIS in general but not yet implemented for the internal IdP. I opened "Allow mulitple login attributes with lico" (Issue #7870, owncloud/ocis, GitHub).

We will have an external IdP in the future anyway, but for now we will have to deal with the internal one.

You could try the ocis-keycloak docker deployment, maybe this will be suitable for you. https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_keycloak


To enable LDAP login via email in oCIS, ensure LDAP_LOGIN_ATTRIBUTES is set correctly for ‘mail’ and verify LDAP schema compatibility. Check oCIS documentation or forums for detailed configuration steps.