[GH-ISSUE #1390] [FEATURE REQUEST] Enable/disable required attributes #482

New issue

Open

opened 2026-02-27 08:17:30 +03:00 by kerem · 1 comment

kerem commented

2026-02-27 08:17:30 +03:00

Owner

Originally created by @jprjr on GitHub (Jan 26, 2026).
Original GitHub issue: https://github.com/lldap/lldap/issues/1390

Motivation
Why do you want the feature? What problem do you have, what use cases would it enable?

Hi there! So I'm working on an app where users primarily authenticate with SSL certificates.

My overall goal is to collect as little data from users as possible. The service I'm using doesn't really require email addresses, but email is a required attribute.

Describe the solution you'd like
A clear and concise description of what you want to happen.

I would love it if lldap had a mechanism to mark fields as required vs optional, both so I could mark the email at optional, and make my custom field for a certificate fingerprint as required.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered. You can include workarounds that are currently possible.

One workaround is to set the mail attribute to something invalid, or a real mailbox that I control, then let users set it later.

** Additional context **

My users don't interact with the lldap interface at all. Everything is done via API, even things like password resets - I don't use the password reset of lldap (since my users don't use passwords anyway).

Originally created by @jprjr on GitHub (Jan 26, 2026). Original GitHub issue: https://github.com/lldap/lldap/issues/1390 **Motivation** Why do you want the feature? What problem do you have, what use cases would it enable? Hi there! So I'm working on an app where users primarily authenticate with SSL certificates. My overall goal is to collect as little data from users as possible. The service I'm using doesn't really require email addresses, but email is a required attribute. **Describe the solution you'd like** A clear and concise description of what you want to happen. I would love it if lldap had a mechanism to mark fields as required vs optional, both so I could mark the email at optional, and make my custom field for a certificate fingerprint as required. **Describe alternatives you've considered** A clear and concise description of any alternative solutions or features you've considered. You can include workarounds that are currently possible. One workaround is to set the mail attribute to something invalid, or a real mailbox that I control, then let users set it later. ** Additional context ** My users don't interact with the lldap interface at all. Everything is done via API, even things like password resets - I don't use the password reset of lldap (since my users don't use passwords anyway).

kerem added the

enhancement

label

2026-02-27 08:17:30 +03:00

kerem commented

2026-02-27 08:17:30 +03:00

Author

Owner

@nitnelave commented on GitHub (Jan 26, 2026):

Email will stay as a requirement (it's a unique key constraint in the DB) but we don't check that it's valid. You can use "username@invalid" if you want, as long as it's unique.

As for making custom attributes mandatory, I don't plan on implementing this. However, it should be doable to implement as a plugin (once we have the API implemented)

@nitnelave commented on GitHub (Jan 26, 2026): Email will stay as a requirement (it's a unique key constraint in the DB) but we don't check that it's valid. You can use "username@invalid" if you want, as long as it's unique. As for making custom attributes mandatory, I don't plan on implementing this. However, it should be doable to implement as a plugin (once we have the API implemented)

kerem referenced this issue

2026-02-27 09:09:41 +03:00

[PR #482] [CLOSED] Min passwordlength =6 #772