diff --git a/htdocs/js/app.js b/htdocs/js/app.js
index b6d5cba6..1b707c4b 100755
--- a/htdocs/js/app.js
+++ b/htdocs/js/app.js
@@ -153,8 +153,6 @@ app.extend({
 			session_id: this.getPref('session_id')
 		}, 
 		function(resp, tx) {
-			self.hideProgress();
-			
 			delete self.user;
 			delete self.username;
 			delete self.user_info;
@@ -171,12 +169,25 @@ app.extend({
 			self.clock_visible = false;
 			self.checkScrollTime();
 			
-			Debug.trace("User session cookie was deleted, redirecting to login page");
-			Nav.go('Login');
+			if (app.config.external_users) {
+				// external user api
+				Debug.trace("User session cookie was deleted, querying external user API");
+				setTimeout( function() {
+					if (bad_cookie) app.doExternalLogin(); 
+					else app.doExternalLogout(); 
+				}, 250 );
+			}
+			else {
+				Debug.trace("User session cookie was deleted, redirecting to login page");
+				self.hideProgress();
+				Nav.go('Login');
+			}
 			
 			setTimeout( function() {
-				if (bad_cookie) self.showMessage('error', "Your session has expired.  Please log in again.");
-				else self.showMessage('success', "You were logged out successfully.");
+				if (!app.config.external_users) {
+					if (bad_cookie) self.showMessage('error', "Your session has expired.  Please log in again.");
+					else self.showMessage('success', "You were logged out successfully.");
+				}
 				
 				self.activeJobs = {};
 				delete self.servers;
@@ -192,6 +203,34 @@ app.extend({
 		} );
 	},
 	
+	doExternalLogin: function() {
+		// login using external user management system
+		app.api.post( 'user/external_login', { cookie: document.cookie }, function(resp) {
+			if (resp.user) {
+				Debug.trace("User Session Resume: " + resp.username + ": " + resp.session_id);
+				app.hideProgress();
+				app.doUserLogin( resp );
+				Nav.refresh();
+			}
+			else if (resp.location) {
+				Debug.trace("External User API requires redirect");
+				app.showProgress(1.0, "Logging in...");
+				setTimeout( function() { window.location = resp.location; }, 250 );
+			}
+			else app.doError(resp.description || "Unknown login error.");
+		} );
+	},
+	
+	doExternalLogout: function() {
+		// redirect to external user management system for logout
+		var url = app.config.external_user_api;
+		url += (url.match(/\?/) ? '&' : '?') + 'logout=1';
+		
+		Debug.trace("External User API requires redirect");
+		app.showProgress(1.0, "Logging out...");
+		setTimeout( function() { window.location = url; }, 250 );
+	},
+	
 	socketConnect: function() {
 		// init socket.io client
 		var self = this;
diff --git a/htdocs/js/pages/Base.class.js b/htdocs/js/pages/Base.class.js
index 83445e93..0ba28794 100644
--- a/htdocs/js/pages/Base.class.js
+++ b/htdocs/js/pages/Base.class.js
@@ -4,6 +4,8 @@ Class.subclass( Page, "Page.Base", {
 	
 	requireLogin: function(args) {
 		// user must be logged into to continue
+		var self = this;
+		
 		if (!app.user) {
 			// require login
 			app.navAfterLogin = this.ID;
@@ -14,7 +16,7 @@ Class.subclass( Page, "Page.Base", {
 			var session_id = app.getPref('session_id') || '';
 			if (session_id) {
 				Debug.trace("User has cookie, recovering session: " + session_id);
-				// app.showProgress(1.0, "Logging in...");
+				
 				app.api.post( 'user/resume_session', {
 					session_id: session_id
 				}, 
@@ -23,16 +25,20 @@ Class.subclass( Page, "Page.Base", {
 						Debug.trace("User Session Resume: " + resp.username + ": " + resp.session_id);
 						app.hideProgress();
 						app.doUserLogin( resp );
-						
-						// Nav.go( app.navAfterLogin || config.DefaultPage );
 						Nav.refresh();
 					}
 					else {
 						Debug.trace("User cookie is invalid, redirecting to login page");
-						Nav.go('Login');
+						// Nav.go('Login');
+						self.setPref('session_id', '');
+						self.requireLogin(args);
 					}
 				} );
 			}
+			else if (app.config.external_users) {
+				Debug.trace("User is not logged in, querying external user API");
+				app.doExternalLogin();
+			}
 			else {
 				Debug.trace("User is not logged in, redirecting to login page (will return to " + this.ID + ")");
 				setTimeout( function() { Nav.go('Login'); }, 1 );
diff --git a/htdocs/js/pages/MyAccount.class.js b/htdocs/js/pages/MyAccount.class.js
index ec1e7377..d38b8aa5 100644
--- a/htdocs/js/pages/MyAccount.class.js
+++ b/htdocs/js/pages/MyAccount.class.js
@@ -22,6 +22,7 @@ Class.subclass( Page.Base, "Page.MyAccount", {
 	},
 	
 	receive_user: function(resp, tx) {
+		var self = this;
 		var html = '';
 		var user = resp.user;
 				
@@ -76,9 +77,14 @@ Class.subclass( Page.Base, "Page.MyAccount", {
 			html += '<td valign="top" align="left" style="vertical-align:top; text-align:left;">';
 				// gravar profile image and edit button
 				html += '<fieldset style="width:150px; margin-left:40px; background:white; border:1px solid #ddd; box-shadow:none;"><legend>Profile Picture</legend>';
-				html += '<div id="d_ma_image" style="width:128px; height:128px; margin:5px auto 0 auto; background-image:url('+app.getUserAvatarURL(128)+'); cursor:pointer;" onMouseUp="$P().edit_gravatar()"></div>';
-				html += '<div class="button mini" style="margin:10px auto 5px auto;" onMouseUp="$P().edit_gravatar()">Edit Image...</div>';
-				html += '<div style="font-size:11px; color:#888; text-align:center; margin-bottom:5px;">Image services provided by <a href="https://en.gravatar.com/connect/" target="_blank">Gravatar.com</a>.</div>';
+				if (app.config.external_users) {
+					html += '<div id="d_ma_image" style="width:128px; height:128px; margin:5px auto 0 auto; background-image:url('+app.getUserAvatarURL(128)+'); cursor:default;"></div>';
+				}
+				else {
+					html += '<div id="d_ma_image" style="width:128px; height:128px; margin:5px auto 0 auto; background-image:url('+app.getUserAvatarURL(128)+'); cursor:pointer;" onMouseUp="$P().edit_gravatar()"></div>';
+					html += '<div class="button mini" style="margin:10px auto 5px auto;" onMouseUp="$P().edit_gravatar()">Edit Image...</div>';
+					html += '<div style="font-size:11px; color:#888; text-align:center; margin-bottom:5px;">Image services provided by <a href="https://en.gravatar.com/connect/" target="_blank">Gravatar.com</a>.</div>';
+				}
 				html += '</fieldset>';
 			html += '</td>';
 		html += '</tr></table>';
@@ -89,6 +95,11 @@ Class.subclass( Page.Base, "Page.MyAccount", {
 		
 		setTimeout( function() {
 			app.password_strengthify( '#fe_ma_new_password' );
+			
+			if (app.config.external_users) {
+				app.showMessage('warning', "Users are managed by an external system, so you cannot make changes here.");
+				self.div.find('input').prop('disabled', true);
+			}
 		}, 1 );
 	},
 	
@@ -100,6 +111,9 @@ Class.subclass( Page.Base, "Page.MyAccount", {
 	save_changes: function(force) {
 		// save changes to user info
 		app.clearError();
+		if (app.config.external_users) {
+			return app.doError("Users are managed by an external system, so you cannot make changes here.");
+		}
 		if (!$('#fe_ma_old_password').val()) return app.badField('#fe_ma_old_password', "Please enter your current account password to make changes.");
 		
 		if ($('#fe_ma_new_password').val() && !force && (app.last_password_strength.score < 3)) {
@@ -138,6 +152,9 @@ Class.subclass( Page.Base, "Page.MyAccount", {
 		var self = this;
 		
 		app.clearError();
+		if (app.config.external_users) {
+			return app.doError("Users are managed by an external system, so you cannot make changes here.");
+		}
 		if (!$('#fe_ma_old_password').val()) return app.badField('#fe_ma_old_password', "Please enter your current account password.");
 		
 		app.confirm( "Delete My Account", "Are you sure you want to <b>permanently delete</b> your user account?  There is no way to undo this action, and no way to recover your data.", "Delete", function(result) {
diff --git a/htdocs/js/pages/admin/Users.js b/htdocs/js/pages/admin/Users.js
index 7ebe3c95..d2527160 100644
--- a/htdocs/js/pages/admin/Users.js
+++ b/htdocs/js/pages/admin/Users.js
@@ -101,6 +101,9 @@ Class.add( Page.Admin, {
 	edit_user: function(idx) {
 		// jump to edit sub
 		if (idx > -1) Nav.go( '#Admin?sub=edit_user&username=' + this.users[idx].username );
+		else if (app.config.external_users) {
+			app.doError("Users are managed by an external system, so you cannot add users from here.");
+		}
 		else Nav.go( '#Admin?sub=new_user' );
 	},
 	
@@ -300,6 +303,11 @@ Class.add( Page.Admin, {
 		
 		setTimeout( function() {
 			$('#fe_eu_username').attr('disabled', true);
+			
+			if (app.config.external_users) {
+				app.showMessage('warning', "Users are managed by an external system, so making changes here may have little effect.");
+				// self.div.find('input').prop('disabled', true);
+			}
 		}, 1 );
 	},
 	
@@ -339,7 +347,15 @@ Class.add( Page.Admin, {
 	show_delete_account_dialog: function() {
 		// show dialog confirming account delete action
 		var self = this;
-		app.confirm( '<span style="color:red">Delete Account</span>', "Are you sure you want to <b>permanently delete</b> the user account \""+this.user.username+"\"?  There is no way to undo this action, and no way to recover the data.", 'Delete', function(result) {
+		
+		var msg = "Are you sure you want to <b>permanently delete</b> the user account \""+this.user.username+"\"?  There is no way to undo this action, and no way to recover the data.";
+		
+		if (app.config.external_users) {
+			msg = "Are you sure you want to delete the user account \""+this.user.username+"\"?  Users are managed by an external system, so this will have little effect here.";
+			// return app.doError("Users are managed by an external system, so you cannot make changes here.");
+		}
+		
+		app.confirm( '<span style="color:red">Delete Account</span>', msg, 'Delete', function(result) {
 			if (result) {
 				app.showProgress( 1.0, "Deleting Account..." );
 				app.api.post( 'user/admin_delete', {
diff --git a/lib/api/config.js b/lib/api/config.js
index a7bb61ae..9116dbe2 100644
--- a/lib/api/config.js
+++ b/lib/api/config.js
@@ -31,7 +31,9 @@ module.exports = Class.create({
 				job_memory_max: this.server.config.get('job_memory_max'),
 				base_api_uri: this.api.config.get('base_uri'),
 				default_privileges: this.usermgr.config.get('default_privileges'),
-				free_accounts: this.usermgr.config.get('free_accounts')
+				free_accounts: this.usermgr.config.get('free_accounts'),
+				external_users: this.usermgr.config.get('external_user_api') ? 1 : 0,
+				external_user_api: this.usermgr.config.get('external_user_api') || ''
 			} ),
 			port: args.request.headers.ssl ? this.web.config.get('https_port') : this.web.config.get('http_port'),
 			master_hostname: this.multi.masterHostname
diff --git a/package.json b/package.json
index 605636c6..615281ab 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 	"name": "Cronicle",
-	"version": "0.0.3",
+	"version": "0.0.4",
 	"description": "A simple, distributed task scheduler and runner with a web based UI.",
 	"author": "Joseph Huckaby <jhuckaby@gmail.com>",
 	"homepage": "https://github.com/jhuckaby/Cronicle",