Zendesk: https://gitlab.zendesk.com/agent/tickets/104181 We currently have two different `auto_link_user` values for Omniauth: `auto_link_ldap_user` and `auto_link_saml_user`. These settings allow users to sign in with LDAP and SAML and have their existing (non-LDAP/non-SAML) account linked up as long as the email address matches their existing user. In the absence of these settings GitLab will produce a 422 error 'Email already taken'. We should consider adding a generic/overarching configuration that is just `auto_link_user`. When this is set to true, a user signing in via *any* authentication method would have their existing user linked as long as the email address matches. This would allow customers to easily migrate from, say, LDAP to Crowd, or LDAP to Google OAuth, etc. It's still necessary to configure this optionally in my opinion (and default to `false) as it requires a conscious decision to trust email address as a source of truth for a user's identity. You probably don't want this set to `true` on GitLab.com for example.