+1Issue:
Person X's username is the same as their email address, which is "abc@de.nl." However, there is another account associated with the same email address, "abc@de.nl."
It seems that with the latest version of Indicium, Person X is unable to log in to the account using the username "abc@de.nl." Instead, the system consistently selects the account linked to the email address "abc@de.nl."
Best answer by Anne Buit
We are currently looking towards a solution where the login provided by the user will always favor the account user id over the email address. When abc@de.nl is entered in the login page, the account with user id abc@de.nl is chosen over the account with abc@de.nl as email address.
The situation where an email address exists twice in IAM should be completely forbidden but this is a breaking chance that we’ll have to investigate further, as this may cause disruptions rename tasks, oidc user provisioning and self-built user provisioning.
Hello
We haven't changed anything regarding this in Indicium, but I could imagine that this is an unstable situation because users can sign in with their username or their email address and the record that happens to be returned first is the user that will be logged in.
With that said, this situation is not supported. We already have indexes that ensure that email addresses are unique and indexes that ensure user id's are unique. However, they should also be unique compared to each other. I would consider it a bug that you were able to set up two users like this.
In order to consistently sign in one user or the other, please ensure that there is no conflict between the user id and email address of any two users.
I hope this helps.
+1
Thanks for your response.
It is a valid case that users can sign in with their e-mailadres?
Didn't know about that feature, but that might give some issues indeed. Since there could be multiple accounts..
+5We are currently looking towards a solution where the login provided by the user will always favor the account user id over the email address. When abc@de.nl is entered in the login page, the account with user id abc@de.nl is chosen over the account with abc@de.nl as email address.
The situation where an email address exists twice in IAM should be completely forbidden but this is a breaking chance that we’ll have to investigate further, as this may cause disruptions rename tasks, oidc user provisioning and self-built user provisioning.
+1Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
