diff --git a/app/controllers/api/v1/migrations/external_controller.rb b/app/controllers/api/v1/migrations/external_controller.rb
index 2c7189de6c995d435bcf161859c124d1e3735501..b106ef206b8015ddad3444ecdc8b9ca3a42fe994 100644
--- a/app/controllers/api/v1/migrations/external_controller.rb
+++ b/app/controllers/api/v1/migrations/external_controller.rb
@@ -83,12 +83,15 @@ module Api
         def create_user
           user_hash = user_params.to_h
 
+          # Re-write LDAP and Google to greenlight
+          user_hash[:provider] = %w[greenlight ldap google].include?(user_hash[:provider]) ? 'greenlight' : user_hash[:provider]
+
           # Returns an error if the provider does not exist
           unless user_hash[:provider] == 'greenlight' || Tenant.exists?(name: user_hash[:provider])
             return render_error(status: :bad_request, errors: 'Provider does not exist')
           end
 
-          return render_data status: :created if User.exists? email: user_hash[:email], provider: user_hash[:provider]
+          return render_data status: :created if User.exists?(email: user_hash[:email], provider: user_hash[:provider])
 
           user_hash[:language] = I18n.default_locale if user_hash[:language].blank? || user_hash[:language] == 'default'
 
diff --git a/spec/controllers/migrations/external_controller_spec.rb b/spec/controllers/migrations/external_controller_spec.rb
index fd6dddab5714fb6712ec46243d93a3e6f4c16eab..e2cf4c2229226e1bfa3fa7979b3e61b65521d298 100644
--- a/spec/controllers/migrations/external_controller_spec.rb
+++ b/spec/controllers/migrations/external_controller_spec.rb
@@ -190,6 +190,28 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
           end
         end
 
+        context 'when the provider does not exists' do
+          before { valid_user_params[:provider] = 'not_a_provider' }
+
+          it 'returns :bad_request without creating a user' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.not_to change(User, :count)
+            expect(response).to have_http_status(:bad_request)
+          end
+        end
+
+        context 'when the provider is ldap' do
+          before { valid_user_params[:provider] = 'ldap' }
+
+          it 'creates a user with the greenlight provider' do
+            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
+            expect { post :create_user, params: { v2: { encrypted_params: } } }.to change(User, :count).from(0).to(1)
+            user = User.take
+            expect(user.provider).to eq('greenlight')
+            expect(response).to have_http_status(:created)
+          end
+        end
+
         context 'when external_id is present' do
           before { valid_user_params[:external_id] = 'EXTERNAL' }