[keycloak-dev] Why the provider prefix in username?

Stian Thorgersen sthorger at redhat.com
Fri Jan 8 07:05:35 EST 2016


It's to make it less likely that the username is already in use. We could
use email for the username in those cases, but email is not always
available. In the past we didn't have a way to allow the user to change the
username if there was a conflict and instead the first login would just
fail. With the introduction of first time social flows we could improve on
this.

We could allow selecting the strategy to use. Then allow the user to change
if there's a conflict. We already allow users to change email if there's a
conflict so can do the same for username.

On 8 January 2016 at 12:32, Thomas Raehalme <
thomas.raehalme at aitiofinland.com> wrote:

> Hi,
>
> If I login to Keycloak using a federated identity such as Google, Keycloak
> inserts a prefix "google." to my username.
>
> Maybe I'm missing something, but isn't this kind of unnecessary when the
> email address is already a unique property?
>
> Best regards,
> Thomas
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160108/c6aa2cd6/attachment-0001.html 


More information about the keycloak-dev mailing list