Hi Keycloak Team,
I am working on migrating an existing application to Keycloak. In the
existing application, unique ‘member_ids’ are used as usernames and the
‘email’ field can be duplicated. However, on logging into Keycloak, members
with duplicate emails are not allowed. So I have identified two areas to
work on:
Task I) Allow members with unique member ids (who may or may not have unique
email) to log in.
Task II) Disable login using email.
Solution:
So as a solution to the first task, in my CustomUserFederation, I have made
the following changes:
//Code snippet 1
class CustomFederationProvider implements UserFederationProvider {
    . .
    @Override
    public UserModel getUserByUsername(RealmModel realm, String username) {
        . .
        if (apiCustomer.getEmailAddresses() != null &&
                apiCustomer.getEmailAddresses().size() > 0) {
            // Changed to handle duplicate emails using: Sub-addressing, so email:
            // mailid@domain is saved as mailid+member_id@domain
            userModel.setEmail(
                subaddress(apiCustomer.getEmailAddresses().get(0).getEmail(),
                           userModel.getMember_id()));
        }
        . .
    }
}
//Code snippet 2
class CustomUserModelDelegate extends UserModelDelegate {
    . .
    @Override
    public String getEmail() {
        String email = super.getEmail();
        try {
            // Changed to handle duplicate emails using: Sub-addressing, so while
            // retrieving email: mailid+member_id@domain is processed as mailid@domain
            email = removeSubaddress(email);
        } catch (Exception e) {
            ...
        }
        return email;
    }
    . .
}
Now my queries are:
1.) Will my solution of sub-addressing the email resolve the first issue
without any side-effects?
2.) How do I disable logging in using emails from Keycloak?
Regards,
Nidhi Rachora
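
Added example, not part of the original post and not Keycloak code: one way the subaddress()/removeSubaddress() helpers named above could be written so that a stored address always maps back to the original, including when the member's own address already contains a "+" tag. The helper bodies, the class name SubaddressDemo, the member-id character set and the extra memberId argument to removeSubaddress() are assumptions; the post shows only the call sites.

```java
import java.util.List;

// Illustration only: the "+member_id" tag format comes from the post,
// the implementation details below are assumed.
public class SubaddressDemo {

    // mailid@domain + memberId -> mailid+memberId@domain
    static String subaddress(String email, String memberId) {
        int at = email.lastIndexOf('@');
        if (at <= 0 || at == email.length() - 1) {
            throw new IllegalArgumentException("not a mailbox address: " + email);
        }
        if (memberId == null || !memberId.matches("[A-Za-z0-9_-]+")) {
            // A '+' or '@' inside the id would make the stored value ambiguous
            throw new IllegalArgumentException("unsupported member id: " + memberId);
        }
        return email.substring(0, at) + "+" + memberId + email.substring(at);
    }

    // Strips only the tag that subaddress() appended for this member; a "+tag"
    // the member already had (mailid+news@domain) is left intact.
    static String removeSubaddress(String stored, String memberId) {
        int at = stored.lastIndexOf('@');
        String suffix = "+" + memberId;
        if (at > 0 && stored.substring(0, at).endsWith(suffix)) {
            return stored.substring(0, at - suffix.length()) + stored.substring(at);
        }
        return stored; // not tagged by subaddress(): return unchanged
    }

    public static void main(String[] args) {
        // Constructed sample data: two members sharing one mailbox,
        // and one member whose address already carries its own '+' tag.
        List<String[]> members = List.of(
            new String[] {"1001", "family@example.org"},
            new String[] {"1002", "family@example.org"},
            new String[] {"1003", "jo+news@example.org"});
        for (String[] m : members) {
            String stored = subaddress(m[1], m[0]);
            String shown = removeSubaddress(stored, m[0]);
            System.out.printf("%s  stored=%s  shown=%s  roundtrip=%b%n",
                m[0], stored, shown, shown.equals(m[1]));
        }
    }
}
```

Stripping by the known member id rather than by the first "+" is what keeps jo+news@example.org from being shortened to jo@example.org on read.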