Rocket.Chat provides robust identity and access management features. This guide compares the authentication options available across different Rocket.Chat plans.
LDAP / AD
Use LDAP/AD to synchronize user data, map roles and groups, and manage advanced features such as background sync and auto-logout.
Feature | Community | Starter | Pro | Enterprise |
|---|---|---|---|---|
Login Fallback | ✓ | ✓ | ✓ | ✓ |
Merge with existing Rocket.Chat users | ✓ | ✓ | ✓ | ✓ |
Filter what LDAP users can log in (Search Filter and Group Filter) | ✓ | ✓ | ✓ | ✓ |
Encryptions | ✓ | ✓ | ✓ | ✓ |
Basic User Data and Avatar Sync | ✓ | ✓ | ✓ | ✓ |
Load Custom User Data from LDAP | x | ✓ | ✓ | ✓ |
Roles Mapping from Groups | x | ✓ | ✓ | ✓ |
Sync LDAP Groups to Channels | x | ✓ | ✓ | ✓ |
Sync Teams with LDAP | x | ✓ | ✓ | ✓ |
Sync User Active State | x | ✓ | ✓ | ✓ |
Auto logout deactivated users | x | ✓ | ✓ | ✓ |
Periodic Background Sync | x | ✓ | ✓ | ✓ |
SAML
Create role mapping from user groups by selecting the field you want to sync with Rocket.Chat.
Feature | Community | Starter | Pro | Enterprise |
|---|---|---|---|---|
Basic Synchronization | ✓ | ✓ | ✓ | ✓ |
Customizable User Interface | ✓ | ✓ | ✓ | ✓ |
Roles mapping | x | ✓ | ✓ | ✓ |
Fields mapping | x | ✓ | ✓ | ✓ |
Advanced SAML Settings | x | ✓ | ✓ | ✓ |
OAuth / Custom OAuth
Allow users to log in via Facebook, Google, LinkedIn, GitHub, and other third-party applications.
Feature | Community | Starter | Pro | Enterprise |
|---|---|---|---|---|
Basic Social Logins | ✓ | ✓ | ✓ | ✓ |
Login via Custom OAuth protocol using a unique identifier | ✓ | ✓ | ✓ | ✓ |
Load Name, Username and Email from Custom OAuth | ✓ | ✓ | ✓ | ✓ |
Import Avatar from Custom OAuth | ✓ | ✓ | ✓ | ✓ |
Assign Rocket.Chat roles based on Custom OAuth roles | x | ✓ | ✓ | ✓ |
Join channels automatically based on Custom OAuth roles | x | ✓ | ✓ | ✓ |
For more details, see the Authentication and Identity Management FAQ. The following sections provide step-by-step guidance on configuring each feature.