We already detect conflicts in both email and username. So user can either use different username or link the account corresponding to existing username. Also as Kamal mentioned, we already have the IdentityProviderMapper, which allows to configure how is username generated ( UsernameTemplateMapper ). We don't need any other strategy IMO as the mapper is flexible enough.It's to make it less likely that the username is already in use. We could use email for the username in those cases, but email is not always available. In the past we didn't have a way to allow the user to change the username if there was a conflict and instead the first login would just fail. With the introduction of first time social flows we could improve on this.
We could allow selecting the strategy to use. Then allow the user to change if there's a conflict. We already allow users to change email if there's a conflict so can do the same for username.
On 8 January 2016 at 12:32, Thomas Raehalme <thomas.raehalme@aitiofinland.com> wrote:
Hi,
If I login to Keycloak using a federated identity such as Google, Keycloak inserts a prefix "google." to my username.
Maybe I'm missing something, but isn't this kind of unnecessary when the email address is already a unique property?
Best regards,Thomas
_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________ keycloak-dev mailing list keycloak-dev@lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev