[keycloak-dev] User ids and usernames
Bill Burke
bburke at redhat.com
Thu Feb 6 09:15:41 EST 2014
On 2/6/2014 5:02 AM, Stian Thorgersen wrote:
> A user should have an id, username and email (what we have now). The id should be generated by the server and should never change for a user. The sub field in the token should use this id, not the username. Applications that want to store information associated with a specific user should also use this id, not the username or email, as the id will never change.
>
> That means it should be possible for a user to change his/her username. Obviously a username has to be unique within a realm. We should then allow a user to log in with either their username or their password. When a user is able to log in with their username we can also remove the forgot username option on the login form, and only have a forgot password option.
>
> This would also help integration with social login as now we don't have to try to create a sensible username for a user on social login. Instead we create a generated id, and don't even set a username. A user can then set the username they want through the account management (or on the update profile action page if that option is enabled).
>
> If there are no objections to this, I'd like to add these changes to alpha2.
Ugh, this is just a nasty change. Usernames will rarely, if ever,
change and I don't like the idea that users can change their username.
A principal name of "bill" is much more coherent than
"2341235234234-234123-234123-2341234".
I want to ping jboss.org guys and see if they allow changing or setting
usernames for their social login or how they handle that scenario.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com