Hello @martijngaasbeek,
We haven't changed anything regarding this in Indicium, but I could imagine that this is an unstable situation because users can sign in with their username or their email address and the record that happens to be returned first is the user that will be logged in.
With that said, this situation is not supported. We already have indexes that ensure that email addresses are unique and indexes that ensure user id's are unique. However, they should also be unique compared to each other. I would consider it a bug that you were able to set up two users like this.
In order to consistently sign in one user or the other, please ensure that there is no conflict between the user id and email address of any two users.
I hope this helps.
@Vincent Doppenberg
Thanks for your response.
It is a valid case that users can sign in with their e-mailadres?
Didn't know about that feature, but that might give some issues indeed. Since there could be multiple accounts..
We are currently looking towards a solution where the login provided by the user will always favor the account user id over the email address. When abc@de.nl is entered in the login page, the account with user id abc@de.nl is chosen over the account with abc@de.nl as email address.
The situation where an email address exists twice in IAM should be completely forbidden but this is a breaking chance that we’ll have to investigate further, as this may cause disruptions rename tasks, oidc user provisioning and self-built user provisioning.
@Anne Buit Do you have an expected releasedate? Since we keep getting more users who are experiencing this issue… They cannot solve it themselves…
@martijngaasbeek the expected release date for this is with the 2024.1 platform version, which is expected next January.