😁
User Guide
6.5
6.5
  • Rocket.Chat
  • Deploy
    • Deploy Rocket.Chat
      • System Requirements
      • Deploy with Docker & Docker Compose
      • Deploy with AWS
      • Deploy with Snaps
      • Updating Rocket.Chat
      • Scaling Rocket.Chat
        • Microservices
        • Running Multiple Instances
        • Automation Tools
          • Ansible
          • OpenShift
          • Vagrant
      • Additional Deployment Methods
        • Deploy with Kubernetes
        • Deploy with Digital Ocean
        • Deploy on Google Compute Engine
        • Deploy with Ubuntu
        • Deploy with CentOS
        • Deploy on Kali
        • Deploy on Debian
        • Deploy on IBM Cloud
        • Deploy on Windows 10
        • Plug-in Deployments
        • Unsupported Methods
          • OpenSUSE Leap 42.2
          • FreeBSD
            • Deploying Rocket.Chat Server Binaries on a FreeBSD system
          • Windows Server
          • Linode
          • Scalingo
          • Cloudron.io
          • Jelastic
          • Aliyun
          • Galaxy
          • Syncloud
          • OpenShift
  • Setup and Configure
    • Rocket.Chat Environment Configuration
      • NodeJs Configuration
      • MongoDB Configuration
        • MongoDB URI Authentication
        • MongoDB Backup and Restore
        • Passing extra options to the Mongo driver
        • Configure a replica set for MongoDB
        • Migrating database from Meteor built in MongoDB
        • MongoDB mmap to wiredTiger migration
        • Supported Mongo Versions
      • Firewall Configuration
      • Additional Configurations
        • Running in a sub folder with Apache
        • Univention Corporate Server (UCS)
        • Setting Up Client SSL Certificate Authentication for Rocket.Chat
        • Setting up Process Managers and Init Systems
      • Configuring SSL Reverse Proxy
      • Environment Variables
    • Installing Client Apps
      • Desktop & Mobile Apps
      • Minimum Requirements for Client Apps
    • Enterprise License Application
    • Accessing Your Workspace
      • Rocket.Chat Setup Wizard
      • Admin Account Creation
      • Basic White-labeling
      • Inviting Users
    • Advanced workspace management
      • Authentication
        • OpenID Connect
          • Gluu Server 4.0
          • Keycloak
          • Okta Identity Cloud Service
        • iframe based Single Sign On
      • Google Translate Integration
      • Managing Settings Using Environmental Variables
      • Identity Management (EE vs CE)
      • Database Migration
      • Restoring an Admin User
      • CDN
      • Troubleshooting
      • Client Compatibility Matrix
    • Enterprise Edition Trial
    • Rocket.Chat Air-gapped Deployment
      • Offline Workspace Registration
      • Offline License
      • Air-gapped workspace Configuration
      • Air-gapped App Installation
    • Roles in Rocket.Chat
  • Use Rocket.Chat
    • User Guides
      • Access your workspace
      • Main Menu
      • User Panel
        • My Account
          • Manage Devices
      • Rooms
        • Channels
          • Create a new Channel
          • Edit A Channel
          • Manage Channel Members
          • Search Messages in a Channel
        • Teams
          • Create a new Team
          • Edit a Team
          • Manage Team Members
          • Manage Team Channels
          • Teams Enterprise Edition
        • Discussions
          • Create a new Discussion
          • Edit A Discussion
          • Search Messages in Discussion
          • Manage Discussion Members
        • Direct Messages
          • Create a new Direct Message
          • Direct Message Actions
        • Threads
          • Create a New Thread
        • Room Roles
      • Messages
        • Message Actions
        • Off-the-record (OTR) Messaging User Guide
      • Notifications
      • Security Bundle
        • Data Loss Prevention User Guide
        • Antivirus ClamAV App
        • End to End Encryption User Guide
        • Two Factor Authentication User Guide
      • Keyboard Shortcuts
    • Workspace Administration
      • Go Fully Featured
      • Workspace
      • Registration
      • Engagement
      • Moderation
      • Federation
      • Rooms
      • Users
        • Guest users
        • Add users through Identity management and authentication services
      • Invites
      • User Status
      • Permissions
        • Setting's Permission
      • Device Management
      • Email Inboxes
      • Mailer
      • Third-party Login
      • Integrations
        • AppVeyor
        • Azure Alerts
        • BitRocket
        • Dead Simple Screen Sharing
        • EasyRedmine
        • Giphy Integrations
        • GitLab
        • Google Calendar
        • GitHub
        • Graylog
        • Jenkins notifications via Rocket.Chat Marketplace
        • JFrog Xray
        • MicroBadger
        • Microsoft Teams
        • NewRelic
        • Nextcloud and WebDAV integrations
        • Nextcloud Rocket.Chat App
        • Nixstats notification
        • PagerDuty
        • Prometheus
        • Grafana
        • Review Board
        • RunDeck Job Notifications
        • Sentry
        • Simple Telegram Bot
        • TravisCI
        • Uptime Robot
        • Zapier
        • django-rocketchat-auth 1.2
        • Add Jira notifications via webhook
      • Import
        • Import from HipChat
        • Import from Slack
          • SlackBridge
        • Import CSV
      • Logs
      • Sounds
      • Emoji
      • Settings
        • Accounts
          • Custom Fields
        • Analytics
        • Assets
        • Bots
        • CAS
        • Conference Call
        • Custom Emoji Filesystem
        • Custom Sound Filesystem
        • Device management settings
        • Discussion
        • E2E Encryption
        • Email
          • Edit your Email Content
          • Direct email reply
          • Email configuration
        • Enterprise
        • Federation
          • Matrix Bridge
            • Matrix Admin Guide
              • Matrix Homeserver Setup
                • Matrix Allow/Block List
              • Matrix Bridge Configuration
            • Matrix User's Guide
              • Create federated rooms
              • Invite external users to your Rocket.Chat server
              • Communicate with a federated user
              • Search and join public channels on the Matrix network
              • Assign roles for users in federated rooms
            • Matrix Bridge FAQs
          • Rocket.Chat Basic Federation
            • Cross-server Federated Channels
        • File Upload
          • Minio
          • Recommendations for File Upload
          • File Upload FAQs
        • General
          • Net Promoter Score (NPS) survey
        • IRC Federation
        • Layout
        • LDAP
          • LDAP Connection Setting
          • LDAP User Search
          • LDAP Data Sync Settings
          • LDAP Enterprise Settings
          • LDAP Examples
        • Logs
        • Message
        • Meta
        • Mobile
        • OAuth
          • Facebook OAuth Setup
          • Google OAuth Setup
          • GitLab OAuth Setup
          • GitHub OAuth Setup
          • GitHub Enterprise OAuth Setup
          • LinkedIn OAuth Setup
          • NextCloud OAuth Setup
          • WordPress OAuth Setup
          • MS Office 365 OAuth Setup
          • Other OAuth Setup
        • Omnichannel Admin's Guide
          • Queue Types (Routing Algorithm)
        • OTR
        • Outlook Calendar
        • Push
        • Rate Limiter
        • Retention Policy
        • SAML
          • Rocket.Chat server settings
          • Simple SAML php
          • Active Directory Federation Services
          • Oracle Identity Cloud Service
          • Keycloak
        • Search
        • Setup Wizard
        • SlackBridge
        • Smarsh
        • SMS
        • Threads
        • Troubleshoot
        • User Data Download
        • Voice Channel
        • Webdav Integration
        • WebRTC
    • Omnichannel
      • Current Chats
      • Reports
      • Analytics
      • Real-time Monitoring
      • Managers
      • Agents
      • Departments
      • Custom Fields
      • Livechat Triggers
      • Livechat Widget Installation
      • Livechat Widget Appearance
      • Webhooks
      • Business Hours
      • Monitors
      • Units
      • Canned Responses
        • Canned Responses Omnichannel Manager's Guide
      • Tags
      • SLA Policies
      • Priorities
    • Message Auditing
      • Review All Message Auditing Panel Search Results
      • Check Historical Edits and Deletions of Messages
      • Assign Message Auditing Permissions to Specific Users
    • Message Auditing Log
    • Rocket.Chat Cloud
      • Create your new cloud account
      • Manage your cloud account
        • Custom domain for your Cloud-hosted workspace
        • Profile
        • Organization Settings
        • Workspaces
        • Invoices
        • Payment Methods
        • Support
        • Security
        • Contact Sales
      • Cloud Account Setup Wizard
    • Rocket.Chat Voice Channel
      • Getting Started with Voice Channel
      • Voice Channel Admin Guide
        • Configure without previously having a PBX server
          • SIP Extensions
          • Configure asterisk manager interface and users
        • Configure with an active PBX server
          • Associate agents with extensions in Rocket.Chat
      • Voice Channel Technical Specification
      • Voice Channel Agent Guides
        • How to make myself available to accept calls?
        • How to take a call in Rocket.Chat voice channel?
        • How to initiate an outbound call as an agent?
      • Voice Channel FAQs
    • Rocket.Chat Conference Call
      • Conference Call Admin Guide
        • Pexip app
        • Jitsi app
        • BigBlueButton (BBB) app
        • Google Meet app
      • Conference Call User's Guide
      • Omnichannel Video/Audio Call Configuration
    • Rocket.Chat Federation
    • Rocket.Chat Mobile
      • Rooms on Rocket.Chat Mobile
      • Messages and Threads on Mobile
      • Push Notifications
        • Secured Push Notification
        • Push Notifications User Guide
    • Omnichannel Agent's Guides
      • Omnichannel Conversation
      • Omnichannel Queue
      • Omnichannel Contact Center
        • Omnichannel Contact Manager Assignment
      • Email Inboxes
  • Extend Rocket.Chat Capabilities
    • Rocket.Chat Marketplace
      • Rocket.Chat Public Apps Guides
        • Omnichannel Apps
          • SMS
          • Telegram App
            • Telegram Agent's Guide
          • Rasa App
          • Salesforce CRM Integration
            • Salesforce CRM Agent's Guide
          • HubSpot CRM
            • HubSpot CRM Agent's Guide
          • Dialogflow App
            • Upload File To Ongoing Dialogflow Chats
          • Twitter App
            • Twitter App Agent's Guide
          • Facebook App
            • Facebook App Agent's Guide
          • WhatsApp
            • WhatsApp Agent's Guide
          • WhatsApp Sandbox
            • WhatsApp Sandbox Agent's Guide
          • Instagram Direct
            • Instagram Direct Agent's Guide
          • WhatsApp Cloud App
            • Configure Whatsapp Cloud App
            • Using WhatsApp Cloud App
        • Atlassian Apps
          • Jira Server v2.0
          • Bamboo Integration
          • Bitbucket Server
          • Confluence Server
          • Jira Server
        • Pexip App
        • Jitsi app
        • BigBlueButton (BBB) app
        • Google Meet app
        • Trello
          • Using the Trello App
        • Zoom
          • Install Zoom App
        • Data Loss Prevention (DLP) App
        • Poll
        • Poll Plus
          • Poll Plus Features
        • Microsoft Teams Bridge
          • Using Microsoft Teams Bridge
        • GitHub App
          • Using GitHub App
        • Google Drive
          • Using the Google Drive App
        • Google Calendar
          • Using the Google Calendar App
        • Zapier App
          • Install Zapier App
          • Using Zapier App
        • ChatGPT App
          • Install ChatGPT App
          • Using ChatGPT App
      • App Storage Location
    • Integrations
    • Rocket.Chat API
  • Resources
    • Frequently Asked Questions
      • Accessing your workspace FAQs
      • My Account FAQs
      • Registration
      • Message Privacy
      • Localization
      • Apps FAQs
      • Update FAQs
      • WhatsApp Cloud API FAQs
      • Cloud FAQs
      • Support FAQs
      • Whatsapp Business App FAQs
      • Identity Management EE FAQ
      • Deployment FAQ
        • Updating Rocket.Chat FAQ
        • Snaps FAQ
      • Omnichannel FAQs
    • Brand and Visual Guidelines
      • Logo
      • Typography
      • Colors
      • Patterns
      • Iconography
      • Photos
      • Brand Usage Examples
      • Media Kit
    • Development Docs
    • Rocket.Chat's Support Structure
      • Enterprise Support and Version Durability
        • Enterprise Support Plans
      • Community Resources
      • Legacy Support
  • Contribute to Rocket.Chat
    • Contributor Code of Conduct
    • How Can I Help?
    • Github Sponsorship
    • Annual Contribution Programs
  • PRIVACY AND SECURITY
    • Privacy and Security Policies
      • Rocket.Chat Privacy Policy
        • Subprocessors
      • Privacy Policy Facebook Messenger
      • Security Policy
    • Security Center
      • Compliance Resources and Certifications
      • Security fixes and updates
        • cve-2022-32211
      • End-to-End Encryption Specifications
    • Privacy Center
      • GDPR
        • Data Processing Agreement
      • LGDP
        • Nomeação do Encarregado pelo Tratamento de Dados Pessoais
  • LEGAL AND COMPLIANCE
    • Rocket.Chat Terms
      • Terms of Service
        • Cloud Deployment Terms/Cloud Terms
      • Master Services Agreement for Self Managed Workspaces
      • Supplemental Terms
        • Master Service Agreement for Professional Services
    • Compliance Center
      • DMCA Policy
      • Law Enforcement
        • Guidelines for Law Enforcement
        • Censorship and Harmful Content
        • Server Lookup
      • Code of Conduct: Services
    • Legal Center
Powered by GitBook
On this page
  • LDAP / AD
  • SAML
  • OAuth / Custom OAuth
  1. Setup and Configure
  2. Advanced workspace management

Identity Management (EE vs CE)

PreviousManaging Settings Using Environmental VariablesNextDatabase Migration

Identity management plays a crucial role in ensuring secure and efficient user access to digital resources. Rocket.Chat, , offers robust identity management features in both its Enterprise Edition (EE) and Community Edition (CE). This document will provide a comprehensive overview of the identity management features in Rocket.Chat's EE and CE, highlighting the differences and capabilities of each. With Rocket.Chat, you can connect to your Active Directory application or Identity Management System through (LDAP), (OAuth), and (SAML).

LDAP / AD

In your workspace, leverage advanced settings such as background sync, roles mapping from groups, auto-logout, and advanced user data sync with LDAP. Here are some differences between the community and enterprise editions when using LDAP.

Community
Enterprise

Login

Login Fallback: This option allows regular password users to log in on Rocket.Chat. It will let LDAP users continue using Rocket.Chat if the LDAP server is down.

Merge with existing Rocket.Chat users: Detect if the LDAP user is already registered on Rocket.Chat and use the same user for both authentication types.

Filter what LDAP users can log in: There are two settings to manage this: Search Filter and Group Filter.

Advanced User Data Sync

Load information from the LDAP user to Rocket.Chat

Load Custom User Data from LDAP: Load any LDAP attribute to a custom field on Rocket.Chat

Advanced-Data Sync: Perform additional operations based on data from LDAP

Roles Mapping from Groups: You can map any LDAP group to a Rocket.Chat role

Auto-Subscribe to Channels: You can map any LDAP group to a Rocket.Chat channel

Auto-Unsubscribe from Channels: You can also remove users from Rocket.Chat channels on LDAP

Auto-Join Teams: You can map any LDAP group to a Rocket.Chat team

Auto-Leave Teams: You can also remove users from Rocket.Chat teams on LDAP

Basic User Data Sync

Load information from the LDAP user to Rocket.Chat

Load Basic User Data from LDAP: Email, name, and username.

Load Avatars: Load the user's avatar from an LDAP attribute

Background Sync

Periodic background sync

Incremental Sync: Give the option to use Incremental Sync (will be implemented in a future release)

Sync User Active State: Determine if users should be enabled or disabled on Rocket.Chat based on the LDAP status

Auto logout: Auto logout user on the next sync when it's removed/disabled on the LDAP group

Encryptions

The encryption method used to secure communications to the LDAP server

SAML

Create role mapping from user groups by selecting any field you want to sync with Rocket.Chat.

Community
Enterprise

Basic Synchronization: Keep user data in sync with the server on login (email, name, and username).

Customizable User Interface: Ability to customize button color and text.

Roles mapping: Role mapping from user groups.

Fields mapping: Select any field you want to sync with Rocket.Chat.

Advanced: Advanced settings (eg. login with username and password x win user).

OAuth / Custom OAuth

Let your users log in via Facebook, Google, LinkedIn, GitHub, and other third-party applications.

Community
Enterprise

Basic Social logins / pre-defined OAuth options

Keep user data in sync with the server on login (Unique identifier and username).

Avatar import

Login methods: Apple, Dolphin, Drupal, Facebook, GitHub, GitHub Enterprise, GitLab, Google, Linkedin, Meteor, Nextcloud, Tokenpass, Twitter, WordPress.

Basic Custom OAuth:

Basic login settings

Login via Custom OAuth protocol using a unique identifier

Load Name, Username, and Email from

OAuth

Import Avatar from OAuth

Advanced Custom OAuth:

Assign Rocket.Chat roles based on OAuth roles

Join channels automatically based on OAuth roles.

Lightweight Directory Access Protocol
Open Authorization
Security Assertion Markup Language
LDAP
SAML
Identity Management EE FAQ