<p dir="ltr">Hi Keycloak Team,</p>
<p dir="ltr">I am working on migrating an existing application to Keycloak. In the existing application, unique ‘member_ids’ are used as usernames and the ‘email’ field can be duplicate. However on logging into Keycloak, members with duplicate emails are not allowed. So I have identified two areas to work on: </p>
<p dir="ltr">Task I) Allow members with unique member ids (who may/ maynot have unique email) to login.<br>
Task II) Disable login using email. </p>
<p dir="ltr">Solution: <br>
So as a solution to the first task, in my CustomUserFederation, I have made the following changes: </p>
<p dir="ltr">//Code snippet 1 CustomFederationProvider implements UserFederationProvider{ <br>
        .         .         <br>
@Override         <br>
public UserModel getUserByUsername(RealmModel realm, String username) {                 <br>
.                 .                 <br>
if (apiCustomer.getEmailAddresses() != null && apiCustomer.getEmailAddresses().size() > 0) {                         <br>
// Changed to handle duplicate emails using: Sub-addressing, so email: mailid@domain is saved as mailid+member_id@domain                         <br>
userModel.setEmail( subaddress(apiCustomer.getEmailAddresses().get(0).getEmail(), userModel.getMember_id()));                 <br>
}                 <br>
.                 .         <br>
} <br>
} </p>
<p dir="ltr">//Code snippet 2 <br>
CustomUserModelDelegate extends UserModelDelegate {         <br>
.         .         <br>
@Override         <br>
public String getEmail() {                 <br>
String email = super.getEmail();                 try {                         <br>
// Changed to handle duplicate emails using: Sub-addressing, so while retrieving email: mailid+member_id@domain is processed as mailid@domain<br>
        <br>
email = removeSubaddress(email);                 <br>
} catch (Exception e) {<br>
                        ...                 <br>
}                 <br>
return email;         <br>
}         <br>
.         . <br>
} </p>
<p dir="ltr">Now my queries are: </p>
<p dir="ltr">1.) Will my solution of sub-addressing the email resolve the first issue without any side-effects? <br>
2.) How do I disable logging in using emails from Keycloak?</p>
<p dir="ltr">Regards,<br>
Nidhi Rachora</p>