LDAP and SSO Support #6368

New issue

Open

opened 2026-02-19 23:03:55 -05:00 by deekerman · 16 comments

deekerman commented 2026-02-19 23:03:55 -05:00

Owner

Copy link

Originally created by @ashvinnihalani on GitHub (Feb 19, 2022).

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe

Lack of multiuser support

Describe the solution you'd like

Support for LDAP/SSO authentication. This provided many benefits:

• Multiple user accounts without password sharing
• Don't store admin credentials in plaintext config
• Use same credentials/sessions across apps in this space ( i.e Radarr, NZBGet, Tautulli, etc)
• Opens the door for user permissions (authorization) down the road
• Improve security by offloading AuthN/AuthZ to services designed for these purposes

Describe alternatives you've considered

No real alternatives are other than using a different project. Keeping a proxy in front of the solution fails in certain use cases

Anything else?

There has been an issue opened in the past https://github.com/Radarr/Radarr/issues/2680 but it was closed due to lack of manpower. I am happy to help contribute/lead the development of this feature if it is not a high priority. .NET is not my strongest language so some pointers to where the relevant files to base off/refer to are located

AB#2609

Originally created by @ashvinnihalani on GitHub (Feb 19, 2022). ### Is there an existing issue for this? - [X] I have searched the existing issues ### Is your feature request related to a problem? Please describe Lack of multiuser support ### Describe the solution you'd like Support for LDAP/SSO authentication. This provided many benefits: - Multiple user accounts without password sharing - Don't store admin credentials in plaintext config - Use same credentials/sessions across apps in this space ( i.e Radarr, NZBGet, Tautulli, etc) - Opens the door for user permissions (authorization) down the road - Improve security by offloading AuthN/AuthZ to services designed for these purposes ### Describe alternatives you've considered No real alternatives are other than using a different project. Keeping a proxy in front of the solution fails in certain use cases ### Anything else? There has been an issue opened in the past https://github.com/Radarr/Radarr/issues/2680 but it was closed due to lack of manpower. I am happy to help contribute/lead the development of this feature if it is not a high priority. .NET is not my strongest language so some pointers to where the relevant files to base off/refer to are located [AB#2609](https://dev.azure.com/Servarr/7ab38f4e-5a57-4d70-84f4-94dd9bc5d6df/_workitems/edit/2609)

deekerman added the

Type: Feature Request

Status: Maybe One Day

labels 2026-02-19 23:03:55 -05:00

deekerman commented 2026-02-19 23:03:55 -05:00

Author

Owner

Copy link

@ta264 commented on GitHub (Feb 20, 2022):

For the record, passwords are not stored in plaintext.

@ta264 commented on GitHub (Feb 20, 2022): For the record, passwords are not stored in plaintext.

deekerman commented 2026-02-19 23:03:55 -05:00

Author

Owner

Copy link

@aetaric commented on GitHub (Aug 28, 2023):

With radarr 5.x requiring authentication (8911386), it might be time to revisit this. A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP.

@aetaric commented on GitHub (Aug 28, 2023): With radarr 5.x requiring authentication (8911386), it might be time to revisit this. A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP.

deekerman commented 2026-02-19 23:03:55 -05:00

Author

Owner

Copy link

@bakerboy448 commented on GitHub (Aug 28, 2023):

A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP.

it's a non-issue and External auth is supported https://wiki.servarr.com/radarr/faq#forced-authentication

@bakerboy448 commented on GitHub (Aug 28, 2023): >A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP. it's a non-issue and External auth is supported https://wiki.servarr.com/radarr/faq#forced-authentication

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@RobinDadswell commented on GitHub (Aug 28, 2023):

With radarr 5.x requiring authentication (8911386), it might be time to revisit this. A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP.

We are currently investigating Plex auth and OIDC for extension of the current auth methods in the future, although there are some kinks to work out.

@RobinDadswell commented on GitHub (Aug 28, 2023): > With radarr 5.x requiring authentication (8911386), it might be time to revisit this. A non-zero number of people have authentication off in radarr since auth is offloaded to something else like apache2's mod_auth_mellon for SAML and authnz_ldap for LDAP. We are currently investigating Plex auth and OIDC for extension of the current auth methods in the future, although there are some kinks to work out.

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@Robin-Sch commented on GitHub (Jan 12, 2024):

Is there any update for this?

@Robin-Sch commented on GitHub (Jan 12, 2024): Is there any update for this?

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@RobinDadswell commented on GitHub (Jan 12, 2024):

Is there any update for this?

Currently no update on this, have been having some issues with OIDC in the limited testing that's been done and trying to work through those kinks before we make this more widely available

@RobinDadswell commented on GitHub (Jan 12, 2024): > Is there any update for this? Currently no update on this, have been having some issues with OIDC in the limited testing that's been done and trying to work through those kinks before we make this more widely available

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@digitaljdr commented on GitHub (Jul 4, 2024):

Any update on OIDC? :) just stood up authentik and want to sso all the apps

@digitaljdr commented on GitHub (Jul 4, 2024): Any update on OIDC? :) just stood up authentik and want to sso all the apps

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@bakerboy448 commented on GitHub (Jul 4, 2024):

When there is an update there will be a commit or PR tied to this issue.

Asking for an update does not make this appear any sooner

there are effectively no active developers for the Servarr Starrs and no one from the community is interested in helping.

@bakerboy448 commented on GitHub (Jul 4, 2024): When there is an update there will be a commit or PR tied to this issue. Asking for an update does not make this appear any sooner there are effectively no active developers for the Servarr Starrs and no one from the community is interested in helping.

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@alexsalex commented on GitHub (Jul 23, 2024):

Any update on OIDC?

@alexsalex commented on GitHub (Jul 23, 2024): Any update on OIDC?

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@Robin-Sch commented on GitHub (Jul 23, 2024):

When there is an update there will be a commit or PR tied to this issue.

Asking for an update does not make this appear any sooner

there are effectively no active developers for the Servarr Starrs and no one from the community is interested in helping.

Only thing you can do right now is disable authentication and then use something like oauth-proxy in front of your arr services.

@Robin-Sch commented on GitHub (Jul 23, 2024): > When there is an update there will be a commit or PR tied to this issue. > > Asking for an update does not make this appear any sooner > > there are effectively no active developers for the Servarr Starrs and no one from the community is interested in helping. Only thing you can do right now is disable authentication and then use something like oauth-proxy in front of your arr services.

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@Dkhil commented on GitHub (Sep 1, 2024):

Any update on OIDC?

@Dkhil commented on GitHub (Sep 1, 2024): Any update on OIDC?

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@thezak48 commented on GitHub (Sep 1, 2024):

If the ticket is still open then there is no update

@thezak48 commented on GitHub (Sep 1, 2024): If the ticket is still open then there is no update

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@jlengelbrecht commented on GitHub (Sep 4, 2024):

Is this still being looked at as an option? Would love to tie everything together and enable oidc in my arr app stack

@jlengelbrecht commented on GitHub (Sep 4, 2024): Is this still being looked at as an option? Would love to tie everything together and enable oidc in my arr app stack

deekerman commented 2026-02-19 23:03:56 -05:00

Author

Owner

Copy link

@bakerboy448 commented on GitHub (Sep 4, 2024):

Is this still being looked at as an option? Would love to tie everything together and enable oidc in my arr app stack

Did you read any of the comment above yours that answer this?

Further asking for updates may likely result in this locked due to spam.

@bakerboy448 commented on GitHub (Sep 4, 2024): > Is this still being looked at as an option? Would love to tie everything together and enable oidc in my arr app stack Did you read any of the comment above yours that answer this? Further asking for updates may likely result in this locked due to spam.

deekerman commented 2026-02-19 23:03:57 -05:00

Author

Owner

Copy link

@edbourque0 commented on GitHub (Sep 29, 2024):

+1

@edbourque0 commented on GitHub (Sep 29, 2024): +1

deekerman commented 2026-02-19 23:03:57 -05:00

Author

Owner

Copy link

@wsw70 commented on GitHub (Aug 14, 2025):

Only thing you can do right now is disable authentication and then use something like oauth-proxy in front of your arr services.

Ah, I thought that authentication was compulsory now. I will dig in then, thanks

@wsw70 commented on GitHub (Aug 14, 2025): > Only thing you can do right now is disable authentication and then use something like oauth-proxy in front of your arr services. Ah, I thought that authentication was compulsory now. I will dig in then, thanks

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

optimize-azure-pipelines-disk-space

chore/sync-contributing-20250816

v6-develop

zeus

add-movie-result-movie-status

db-calls-list-threads

collection-testing

import-list-redirects

changelog-script

zeus-old

sonarr-pull-303fc5d7

sonarr-pull-1b599c7e

zeus-oidc

sonarr-pull-f47abd0d

collection-speed-2

sonarr-pull-fe476a31

sonarr-pull-e9123982

sonarr-pull-89ee7d44

sonarr-pull-65202782

sonarr-pull-b154b00c

sonarr-pull-05ee4e64

postgres-test-tz

list-exclusions

update-configfileprovider

update-changes

arm-vfpv3d16-2

remove-mono-refs

movie-details-rework

ipv6

movie-year-name-parsing

move-rpm-icons

slack-refactor

native-theme-park

ending-colon-regex

new-exclusion-lists

speed-up-logging

aphrodite

tweak-refresh-get-all

v0.2

async-test

v6.1.1.10317

v6.1.0.10316

v6.1.0.10309

v6.1.0.10293

v6.0.4.10291

v6.0.4.10281

v6.0.3.10276

v6.0.2.10271

v6.0.1.10258

v6.0.0.10217

v5.28.0.10205

v5.28.0.10274

v5.27.5.10198

v5.27.5.10184

v5.27.4.10176

v5.27.3.10153

v5.27.2.10142

v5.27.1.10122

v5.27.0.10101

v5.26.2.10099

v5.26.1.10080

v5.26.0.10051

v5.25.0.10024

v5.24.1.10017

v5.24.0.10006

v5.23.3.9987

v5.23.2.9919

v5.23.1.9914

v5.23.0.9907

v5.22.4.9896

v5.22.3.9889

v5.22.2.9862

v5.22.1.9832

v5.22.0.9808

v5.21.1.9799

v5.21.0.9792

v5.20.2.9777

v5.20.1.9773

v5.20.0.9752

v5.19.3.9730

v5.19.2.9720

v5.19.1.9704

v5.19.0.9697

v5.18.4.9674

v5.18.3.9669

v5.18.2.9651

v5.18.1.9612

v5.18.0.9595

v5.17.2.9580

v5.17.1.9561

v5.17.0.9555

v5.16.3.9541

v5.16.2.9534

v5.16.1.9508

v5.16.0.9485

v5.15.1.9463

v5.15.0.9412

v5.14.0.9383

v5.13.1.9378

v5.13.0.9361

v5.12.2.9335

v5.12.1.9289

v5.12.0.9255

v5.11.0.9244

v5.10.4.9218

v5.10.3.9178

v5.10.2.9164

v5.10.1.9125

v5.10.0.9090

v5.9.1.9070

v5.9.0.9058

v5.8.3.8933

v5.8.2.8915

v5.8.1.8906

v5.8.0.8897

v5.7.0.8882

v5.6.0.8846

v5.5.3.8819

v5.5.2.8781

v5.5.1.8747

v5.5.0.8730

v5.4.6.8723

v5.4.5.8715

v5.4.4.8688

v5.4.3.8677

v5.4.2.8667

v5.4.1.8654

v5.4.0.8636

v5.3.6.8612

v5.3.5.8592

v5.3.4.8567

v5.3.3.8535

v5.3.2.8504

v5.3.1.8438

v5.3.0.8410

v5.2.6.8376

v5.2.5.8361

v5.2.4.8328

v5.2.3.8303

v5.2.2.8288

v5.2.1.8276

v5.2.0.8250

v5.1.3.8246

v5.1.2.8207

v5.1.1.8195

v5.1.0.8172

v5.0.3.8127

v5.0.3.8107

v5.0.2.8103

v5.0.1.7993

v5.0.0.7952

v4.7.5.7809

v4.7.4.7758

v4.7.3.7731

v4.7.2.7686

v4.7.1.7640

v4.7.0.7588

v4.6.4.7568

v4.6.3.7516

v4.6.2.7490

v4.6.1.7456

v4.6.0.7439

v4.5.2.7388

v4.5.2.7318

v4.5.1.7282

v4.5.0.7106

v4.4.4.7068

v4.4.3.7030

v4.4.2.6956

v4.4.1.6926

v4.4.0.6882

v4.3.2.6857

v4.3.1.6822

v4.3.0.6671

v4.2.4.6635

v4.2.3.6575

v4.2.2.6503

v4.2.1.6478

v4.2.0.6438

v4.1.0.6175

v4.1.0.6122

v4.1.0.6095

v4.0.5.5977

v4.0.5.5981

v4.0.4.5909

v4.0.4.5922

v4.0.3.5879

v4.0.2.5836

v4.0.1.5813

v4.0.0.5745

v3.2.2.5080

v3.2.1.5070

v3.2.0.5048

v3.1.1.4954

v3.1.0.4893

v3.0.2.4552

v3.0.2.4369

v3.0.1.4259

v3.0.0.4204

v0.2.0.1504

v0.2.0.1480

v0.2.0.1450

v0.2.0.1358

v0.2.0.1344

v0.2.0.1344-camoqdij

v2.0.0.5322

v2.0.0.5319

v2.0.0.5301

v0.2.0.1293

v0.2.0.1216

v0.2.0.1217

v2.0.0.5250

v2.0.0.5228

v2.0.0.5225

v0.2.0.1120

v0.2.0.1067

v0.2.0.1066

v2.0.0.5163

v0.2.0.995

v2.0.0.5153

v0.2.0.980

v0.2.0.935

v0.2.0.910

v2.0.0.5085

v2.0.0.5054

v0.2.0.870

v0.2.0.852

v0.2.0.846

v2.0.0.4949

v2.0.0.4928

v2.0.0.4919

v2.0.0.4918

v2.0.0.4913

v2.0.0.4855

v0.2.0.778

v2.0.0.4753

v2.0.0.4748

v0.2.0.696

v0.2.0.692

v0.2.0.654

v0.2.0.596

v2.0.0.4689

v2.0.0.4688

v0.2.0.535

v2.0.0.4645

v0.2.0.453

v0.2.0.375

v2.0.0.4613

v0.2.0.299

v0.2.0.288

v0.2.0.267

v0.2.0.238

v0.2.0.226

v0.2.0.210

v0.2.0.196

v0.2.0.182

v0.2.0.166

v0.2.0.152

v0.2.0.134

v0.2.0.99

v0.2.0.85

v0.2.0.61

v0.2.0.45

v0.2.0.32

v0.2.0.27

v0.2.0.18

v0.2.0.2

v0.1.0.34353

v0.1.0.34352

v0.1-f

v0.1-e

v0.1-d

v0.1-c

v0.1-b

v0.1-a

0.05

v2.0.0.4472

v2.0.0.4427

v2.0.0.4409

v2.0.0.4389

v2.0.0.4374

v2.0.0.4370

v2.0.0.4326

v2.0.0.4323

v2.0.0.4230

v2.0.0.4146

v2.0.0.3953

v2.0.0.3732

v2.0.0.3645

v2.0.0.3573

v2.0.0.3530

v2.0.0.3527

v2.0.0.3357

v2.0.0.3243

v2.0.0.3212

v2.0.0.3154

v2.0.0.3004

v2.0.0.2850

Labels

Clear labels   

Area: API

  

Area: Database

  

Area: Db-migration

  

Area: Download Clients

  

Area: Extras

  

Area: Import Lists

  

Area: Indexer

  

Area: Metadata API

  

Area: Notifications

  

Area: Organizer

  

Area: Parser

  

Area: Scanning

  

Area: Tooling

  

Area: UI

  

Area: Unit Tests

  

On Hold: MetadataAPI Blocking

  

On Hold: MetadataAPI Blocking

  

Priority: High

  

Priority: Low

  

Priority: Medium

  

Status: Accepted

  

Status: Cannot Reproduce

  

Status: Confirmed

  

Status: Help Wanted

  

Status: In Progress

  

Status: Indexer - need invite

  

Status: Info Needed

  

Status: Investigating

  

Status: Logs Needed

  

Status: Maybe One Day

  

Status: Needs Triage

  

Status: On Hold

  

Status: Ready for Review

  

Status: Unlikely

  

Status: Waiting for OP

  

Status: Won't Fix

  

Type: Bug

  

Type: Documentation

  

Type: Duplicate

  

Type: Enhancement

  

Type: External Bug

  

Type: Feature Request

  

Type: Regression

  

Type: Support

  

Type: Support.

  

conflict

  

lidarr-pull

  

no-conflict

  

not-pulled

  

readarr-pull

  

readarr-pull

  

sonarr upstream

  

sonarr-pull

No labels

Area: API

Area: Database

Area: Db-migration

Area: Download Clients

Area: Extras

Area: Import Lists

Area: Indexer

Area: Metadata API

Area: Notifications

Area: Organizer

Area: Parser

Area: Scanning

Area: Tooling

Area: UI

Area: Unit Tests

On Hold: MetadataAPI Blocking

On Hold: MetadataAPI Blocking

Priority: High

Priority: Low

Priority: Medium

Status: Accepted

Status: Cannot Reproduce

Status: Confirmed

Status: Help Wanted

Status: In Progress

Status: Indexer - need invite

Status: Info Needed

Status: Investigating

Status: Logs Needed

Status: Maybe One Day

Status: Needs Triage

Status: On Hold

Status: Ready for Review

Status: Unlikely

Status: Waiting for OP

Status: Won't Fix

Type: Bug

Type: Documentation

Type: Duplicate

Type: Enhancement

Type: External Bug

Type: Feature Request

Type: Regression

Type: Support

Type: Support.

conflict

lidarr-pull

no-conflict

not-pulled

readarr-pull

readarr-pull

sonarr upstream

sonarr-pull

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/Radarr#6368

No description provided.