I meant that you'd use the attribute option only for the "server accounts"
where it's not the email of the user, but a contact email. For regular
users you'd continue using the email field. Would that work? You can even
write a custom protocol mapper that takes either and adds it to the same
claim in the token.
The email field has a unique constraint in the database and that's not
something we can enable/disable with a realm option. I think we'd have to
add an additional field or store the email as an attribute. Could be a bit
messy and quite a bit of work to do.
On 26 November 2015 at 08:29, Sebastian Olscher <
sebastian.olscher(a)traveltainment.de> wrote:
Unfortunately this is not easily possible because we want to use
out-of-the-box features such as "update profile email", "reset password
email" and others, where Keycloak uses the email address of the account.
As I understood it, the reason why the email address was designed as unique is
that it could also be used as the username. Would it be possible to
implement this as a feature within the realm config? You can configure if
you want to allow the usage of the email address as the username. If not,
the email address does not have to be unique. For us, this would make total
sense and help us to fulfill the requirement. Would that be possible if
there are no other preventing side effects?
*From:* Stian Thorgersen [mailto:sthorger@redhat.com]
*Sent:* Wednesday, November 25, 2015 8:31 PM
*To:* Sebastian Olscher
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] Email is unique within one realm
In that case could you just set the contact email address as an attribute
instead? The email field has to be unique as it can be in place of
username. You could even use protocol mappers to map either email or the
attribute to the same claim in the token.
On 25 November 2015 at 15:57, Sebastian Olscher <
sebastian.olscher(a)traveltainment.de> wrote:
This becomes important if we are talking about users which will be used
by a system and not a human person. These users may have the same
responsible contact person as there is a system using this account and no
real human. The contact person is identified by the email address. Our own
specific information will be designed as user attributes.
For example:
Username: sys_customer1
Email address: sebastian.olscher(a)traveltainment.de (Email address of the
contact person who is responsible for this user)
User attribute: Key=customer, Value=customer1
Username: sys_customer2
Email address: sebastian.olscher(a)traveltainment.de (Email address of the
contact person who is responsible for this user)
User attribute: Key=customer, Value=customer2
*From:* Stian Thorgersen [mailto:sthorger@redhat.com]
*Sent:* Wednesday, November 25, 2015 3:04 PM
*To:* Sebastian Olscher
*Cc:* keycloak-user(a)lists.jboss.org
*Subject:* Re: [keycloak-user] Email is unique within one realm
That's not possible at the moment. Out of curiosity why would you have two
different accounts for the same person?
On 25 November 2015 at 15:01, Sebastian Olscher <
sebastian.olscher(a)traveltainment.de> wrote:
Hello,
the email address is unique within one realm. Is there a possibility to
fulfill the requirement to have different users (different usernames) for
different applications within one realm which are managed and used by the
same person/entity?
For example:
Username: I_Am_An_Admin
Email: user(a)traveltainment.de
(gets roles for every client within the realm)
Username: I_Am_A_Normal_User
Email: user(a)traveltainment.de
(gets roles from only one client within the realm)
Is this unambiguity of the email address configurable?
Thanks,
Sebastian