diff --git a/models/auth/oauth2.go b/models/auth/oauth2.go
index 9c419eff69..633012451a 100644
--- a/models/auth/oauth2.go
+++ b/models/auth/oauth2.go
@@ -626,10 +626,14 @@ func (err ErrOAuthApplicationNotFound) Unwrap() error {
 	return util.ErrNotExist
 }
 
-// GetActiveOAuth2ProviderSources returns all actived LoginOAuth2 sources
-func GetActiveOAuth2ProviderSources() ([]*Source, error) {
+// GetOAuth2ProviderSources returns all actived LoginOAuth2 sources
+func GetOAuth2ProviderSources(onlyActive bool) ([]*Source, error) {
 	sources := make([]*Source, 0, 1)
-	if err := db.GetEngine(db.DefaultContext).Where("is_active = ? and type = ?", true, OAuth2).Find(&sources); err != nil {
+	sess := db.GetEngine(db.DefaultContext)
+	if onlyActive {
+		sess = sess.Where("is_active = ?", true)
+	}
+	if err := sess.Where("type = ?", OAuth2).Find(&sources); err != nil {
 		return nil, err
 	}
 	return sources, nil
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index 007e790b8e..769093255e 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -146,7 +146,7 @@ func SignIn(ctx *context.Context) {
 		return
 	}
 
-	orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers()
+	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(true)
 	if err != nil {
 		ctx.ServerError("UserSignIn", err)
 		return
@@ -170,7 +170,7 @@ func SignIn(ctx *context.Context) {
 func SignInPost(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("sign_in")
 
-	orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers()
+	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(true)
 	if err != nil {
 		ctx.ServerError("UserSignIn", err)
 		return
@@ -392,7 +392,7 @@ func SignUp(ctx *context.Context) {
 
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
 
-	orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers()
+	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(true)
 	if err != nil {
 		ctx.ServerError("UserSignUp", err)
 		return
@@ -422,7 +422,7 @@ func SignUpPost(ctx *context.Context) {
 
 	ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
 
-	orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers()
+	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(true)
 	if err != nil {
 		ctx.ServerError("UserSignUp", err)
 		return
diff --git a/routers/web/user/setting/security/security.go b/routers/web/user/setting/security/security.go
index 5a17c161fe..f5037600eb 100644
--- a/routers/web/user/setting/security/security.go
+++ b/routers/web/user/setting/security/security.go
@@ -105,7 +105,7 @@ func loadSecurityData(ctx *context.Context) {
 	}
 	ctx.Data["AccountLinks"] = sources
 
-	orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers()
+	orderedOAuth2Names, oauth2Providers, err := oauth2.GetOAuth2ProvidersMap(false)
 	if err != nil {
 		ctx.ServerError("GetActiveOAuth2Providers", err)
 		return
diff --git a/services/auth/source/oauth2/init.go b/services/auth/source/oauth2/init.go
index 32fe545c90..2ad9ddfe74 100644
--- a/services/auth/source/oauth2/init.go
+++ b/services/auth/source/oauth2/init.go
@@ -62,7 +62,7 @@ func ResetOAuth2() error {
 
 // initOAuth2Sources is used to load and register all active OAuth2 providers
 func initOAuth2Sources() error {
-	authSources, _ := auth.GetActiveOAuth2ProviderSources()
+	authSources, _ := auth.GetOAuth2ProviderSources(true)
 	for _, source := range authSources {
 		oauth2Source, ok := source.Cfg.(*Source)
 		if !ok {
diff --git a/services/auth/source/oauth2/providers.go b/services/auth/source/oauth2/providers.go
index e3a0cb0335..c252c678cc 100644
--- a/services/auth/source/oauth2/providers.go
+++ b/services/auth/source/oauth2/providers.go
@@ -94,13 +94,12 @@ func GetOAuth2Providers() []Provider {
 	return providers
 }
 
-// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers
+// GetOAuth2ProvidersMap returns the map of configured active OAuth2 providers
 // key is used as technical name (like in the callbackURL)
 // values to display
-func GetActiveOAuth2Providers() ([]string, map[string]Provider, error) {
+func GetOAuth2ProvidersMap(onlyActive bool) ([]string, map[string]Provider, error) {
 	// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type
-
-	authSources, err := auth.GetActiveOAuth2ProviderSources()
+	authSources, err := auth.GetOAuth2ProviderSources(onlyActive)
 	if err != nil {
 		return nil, nil, err
 	}