diff --git a/tests/integration/setting_test.go b/tests/integration/setting_test.go
index 9dad9ca716..283070ec8e 100644
--- a/tests/integration/setting_test.go
+++ b/tests/integration/setting_test.go
@@ -7,6 +7,10 @@ import (
 	"net/http"
 	"testing"
 
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/tests"
 
@@ -116,3 +120,38 @@ func TestSettingLandingPage(t *testing.T) {
 
 	setting.LandingPageURL = landingPage
 }
+
+func TestSettingSecurityAuthSource(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+
+	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
+
+	active := addAuthSource(t, authSourcePayloadGitLabCustom("gitlab-active"))
+	activeExternalLoginUser := &user_model.ExternalLoginUser{
+		ExternalID:    "12345",
+		UserID:        user.ID,
+		LoginSourceID: active.ID,
+	}
+	err := user_model.LinkExternalToUser(db.DefaultContext, user, activeExternalLoginUser)
+	assert.NoError(t, err)
+
+	inactive := addAuthSource(t, authSourcePayloadGitLabCustom("gitlab-inactive"))
+	inactiveExternalLoginUser := &user_model.ExternalLoginUser{
+		ExternalID:    "5678",
+		UserID:        user.ID,
+		LoginSourceID: inactive.ID,
+	}
+	err = user_model.LinkExternalToUser(db.DefaultContext, user, inactiveExternalLoginUser)
+	assert.NoError(t, err)
+
+	// mark the authSource as inactive
+	inactive.IsActive = false
+	err = auth_model.UpdateSource(db.DefaultContext, inactive)
+	assert.NoError(t, err)
+
+	session := loginUser(t, "user1")
+	req := NewRequest(t, "GET", "user/settings/security")
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.Contains(t, resp.Body.String(), `gitlab-active`)
+	assert.Contains(t, resp.Body.String(), `gitlab-inactive`)
+}