From 709ad827070db08a2ec41c70cf3db8356fe102bb Mon Sep 17 00:00:00 2001
From: Muhammad Arslan <arslan.abdulrauf@arbisoft.com>
Date: Thu, 31 Jul 2025 17:58:14 +0500
Subject: [PATCH] fix: find and match enterprise user only if enterprise is
 enabled (#36958)

Co-authored-by: Peter Pinch <pdpinch@mit.edu>
---
 common/djangoapps/third_party_auth/pipeline.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/common/djangoapps/third_party_auth/pipeline.py b/common/djangoapps/third_party_auth/pipeline.py
index ef1e6f887c..2fff57620a 100644
--- a/common/djangoapps/third_party_auth/pipeline.py
+++ b/common/djangoapps/third_party_auth/pipeline.py
@@ -787,6 +787,7 @@ def associate_by_email_if_saml(auth_entry, backend, details, user, strategy, *ar
 
     This association is done ONLY if the user entered the pipeline belongs to SAML provider.
     """
+    from openedx.features.enterprise_support.api import enterprise_is_enabled
 
     def get_user():
         """
@@ -795,6 +796,7 @@ def associate_by_email_if_saml(auth_entry, backend, details, user, strategy, *ar
         user_details = {'email': details.get('email')} if details else None
         return get_user_from_email(user_details or {})
 
+    @enterprise_is_enabled()
     def associate_by_email_if_enterprise_user():
         """
         If the learner arriving via SAML is already linked to the enterprise customer linked to the same IdP,