Skip to content

Fix UIA password flow not advertised for LDAP users#378

Open
yefimg wants to merge 1 commit intomatrix-construct:mainfrom
yefimg:fix/uiaa-ldap-password-flow
Open

Fix UIA password flow not advertised for LDAP users#378
yefimg wants to merge 1 commit intomatrix-construct:mainfrom
yefimg:fix/uiaa-ldap-password-flow

Conversation

@yefimg
Copy link
Contributor

@yefimg yefimg commented Mar 17, 2026

Fix "No appropriate authentication flow found" error for LDAP users trying to reset the password.
Advertise the password flow when LDAP is enabled.

@jevolk jevolk self-requested a review March 17, 2026 17:09
@yefimg
Fix UIA password flow not advertised for LDAP users
c524d96 
LDAP users are registered with a sentinel password ("*"), causing
has_password() to return false. This meant no authentication flow was
advertised in UiaaInfo for these users, breaking operations that require
User-Interactive Authentication (e.g. encryption reset / cross-signing
key upload) with "No appropriate authentication flow found".

Advertise the password flow when LDAP is enabled, since the UIAA service
already supports verifying credentials against LDAP.
@yefimg yefimg force-pushed the fix/uiaa-ldap-password-flow branch from a0845cb to c524d96 Compare March 18, 2026 14:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jevolk jevolk Awaiting requested review from jevolk

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yefimg