-
Bug
-
Resolution: Done
-
Undefined
-
None
-
False
-
-
False
-
-
Before reporting an issue
[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
user-profile
Describe the bug
Updating email action fails to update username when email as username and Unmanaged Attributes are enabled.
Version
26.0.5
Regression
[X] The issue is a regression
Expected behavior
When the email is changed, the username is changed as well. User can only login with the new email, but not the old one.
Actual behavior
When the email is changed, the username remains the same. User can login with the new email and the old one.
How to Reproduce?
Create a realm with this settings:
<img width="279" alt="image" src="https://github.com/user-attachments/assets/b1dd5a48-ea31-4506-8018-1ad4b0128076">
Set Unmanaged Attributes to ENABLED:
<img width="867" alt="image" src="https://github.com/user-attachments/assets/9970a516-8f3c-41fc-a0a6-1adc83318441">
Then try to change the email of a user and you'll see that the username get updated.
Anything else?
Even though the email update feature is in preview, I find it important to have a closer look into this issue, since this level of details AFAIK is not covered by migration guides as far as I can see. It's too easy to do an upgrade an miss this detail, and the consequence is that after the user changes the email, you can still login with the older email (as it remains the username) and with the new one.
I tracked it down to the DefaultAttributes class. Everything is fine until we hit the below line and the Unmanaged Attributes is enabled.
I put this issue as a regression because I don't see a reason why the Unmanaged Attributes should interfere here.
Workaround
Set Unmanaged Attributes to DISABLED.
- links to
