diff --git a/CHANGELOG b/CHANGELOG
index 386ce7ca6d4ff8247d80a40482bb163254f98fd3..4b3cc639a11ac0f1e17d2dbf8f2fa556b30b507c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -22,6 +22,7 @@ v 8.0.0 (unreleased)
   - Fix 500 error when submit project snippet without body
   - Improve search page usability
   - Bring more UI consistency in way how projects, snippets and groups lists are rendered
+  - Retrieving oauth token with LDAP credentials
 
 v 7.14.1
   - Improve abuse reports management from admin area
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 6139ddbe6cd7d9d76e8234269d4ded5c6ce7891e..66ac88e9f4af7df56fa80799c49afe4e3debb9d6 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,8 +12,7 @@ Doorkeeper.configure do
   end
 
   resource_owner_from_credentials do |routes|
-    u = User.find_by(email: params[:username]) || User.find_by(username: params[:username])
-    u if u && u.valid_password?(params[:password])
+    Gitlab::Auth.new.find(params[:username], params[:password])
   end
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.