Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

RoundCube - mod-auth-openid


This plugin can be coupled with mod-auth-openid to provide an automatic authentication of the user on an IMAP server supporting master password (see Dovecot).


The project can be checked out from its repository :

$ git clone git://


  • Enable master users in your IMAP server configuration, for Dovecot, see|MasterUsers/Password, with * as separator.
  • Ensure you can login as anyone with a master user login and password
  • Ensure RoundCube is protected by mod-auth-ldap, and that your IMAP users have an OpenID identity ending with their username (ex: domain.tld/username).
  • Move the previously downloaded openid directory to the plugin directory of your RoundCube installation.
  • Open the file plugins/openid/openid.php.
  • Edit the define MASTER_USER_LOGIN to your IMAP master user login.
  • Edit the define MASTER_USER_PASSWORD to your IMAP master user password.
  • Open the file config/ file.
  • Activates the plugin by adding "openid" to plugins: $rcmail_config['plugins'] = array('openid');
  • Save files, it should be good.

How it works

The apache module mod-auth-openid provides an environment variable of the OpenID identity of the authenticated user (quite the same behavior as mod-auth-ldap). Because OpenID does not provide a password (fortunately), you need a way to authenticate on IMAP with only the login of the user, this is possible with the MasterPasswords feature of some IMAP servers.

Security note

You must define one trusted OpenID provider with mod-auth-openid, or anyone will be able to read mailboxes of others.

See also


a roundcube plugin to provide an automatic authentication with the mod-auth-openid module of Apache



No releases published


No packages published


You can’t perform that action at this time.