"Wrong email or password" when AD/LDAP connection and Database Connection Enabled for Same Application

Problem Statement

We have an application with both the AD/LDAP enterprise connection and the Username-Password-Authentication database connection enabled. When trying to log in through the application with a user that exists in their LDAP, we got “Wrong email or password” error.


When enabling an AD/LDAP connection for an application, the connection will behave like a database connection. And when another database connection is also enabled for that application, the login will default to only one connection.
Since the database connection was older, it was chosen by default on the Universal Login Page. Therefore, the credentials meant for the AD/LDAP connection would fail with “Wrong username or password” errors.

The same issue can occur with multiple AD/LDAP connections enabled.


Please specify the intended connection by including a “connection” parameter in the /authorize request.

Alternatively, the AD/LDAP connections can be configured for home realm discovery, so the user’s email address domain can be used to direct the user to the right connection automatically.