Use /api/v2/users to find matching emails #119

Open
wants to merge 1 commit into
base: master

nicosabena

Switches back to GET /api/v2/users to find matching email addresses so that the search is case-insensitive.

✏️ Changes

Currently, the extension (both in the rules and in the back end) searches for identities with the same email address with the GET /api/v2/users-by-email endpoint. While this endpoint is very efficient, the search it performs is case sensitive. This is a problem for some enterprise identity providers that provide the email address in a capitalized form (e.g. John.Doe@acme.com instead of john.doe@acme.com).
This PR switches to the GET /api/v2/users endpoint, with a query string like q=email:john.doe@acme.com. This search is case insensitive, allowing matches where the casing is different. The search needs to be changed in two pieces:

  • In the rule, where matching identities are searched for during the first login
  • In the backend, where matching identities are searched to present the option to the user

The slight performance hit from not using /users-by-email should be negligible, since the search is only done on the first login of an identity.

🔗 References

IUM-1301

🎯 Testing

🚫 This change has been tested in a Webtask

🚫 This change has unit test coverage

🚫 This change has integration test coverage

🚫 This change has been tested for performance

🚀 Deployment

✅ This can be deployed any time

🎡 Rollout

🔥 Rollback

📄 Procedure

🖥 Appliance


stale bot commented Jan 9, 2022

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

@stale stale bot added the wontfix label Jan 9, 2022
@nicosabena
Author

This is still relevant and would help to mitigate the described corner cases.

@stale stale bot removed the wontfix label Jan 10, 2022

stale bot commented Apr 16, 2022

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

@ldigiuseppe

We are having issues with linking accounts when the emails are registered with different lower/upper cases. For example, we have a b.simon@mail.com (username-password) and a B.Simon@mail.com (waad user); they won't link together because of the capital letters. It would be nice to progress with this PR.

@stale stale bot removed the wontfix label Sep 8, 2022

jcerjak commented Jun 5, 2023

According to https://auth0.com/docs/manage-users/user-search/retrieve-users-with-get-users-endpoint, the GET /api/v2/users endpoint is eventually consistent, not immediately consistent.

If you think this is problematic for this particular use case, please consider upvoting: https://community.auth0.com/t/add-case-insensitive-option-for-user-by-email-search/93303
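
As an added example (not code from this PR or from the extension), one way to build the case-insensitive lookup the PR describes and to re-check the results before offering a link. The helper names and sample users are constructed, and sending the address as a quoted phrase with `search_engine=v3` is an assumption about how the endpoint is called.

```javascript
// Added example: hypothetical helpers, not the extension's own code.

// Build the query string for GET /api/v2/users that matches one email address.
// The address goes in as a quoted phrase with backslash and double quote
// escaped, so characters in an IdP-supplied address cannot alter the query.
function buildEmailSearchParams(email) {
  if (typeof email !== 'string' || !/^[^\s@]+@[^\s@]+$/.test(email)) {
    throw new TypeError('not a usable email address');
  }
  const escaped = email.replace(/(["\\])/g, '\\$1');
  return new URLSearchParams({
    q: `email:"${escaped}"`,
    search_engine: 'v3', // assumption: user search v3 is the engine in use
  }).toString();
}

// Re-check what the search returned: keep only *other* users whose email is
// equal to the current one when case is ignored. The search index is
// eventually consistent, so a just-created user may be absent from `users`.
function selectLinkCandidates(users, currentUser) {
  const wanted = currentUser.email.toLowerCase();
  return users.filter((u) =>
    typeof u.email === 'string' &&
    u.email.toLowerCase() === wanted &&
    u.user_id !== currentUser.user_id
  );
}

// Constructed sample data mirroring the casing mismatch reported in the thread.
const sampleCurrentUser = { user_id: 'waad|constructed-1', email: 'B.Simon@mail.com' };
const sampleSearchResult = [
  { user_id: 'auth0|constructed-2', email: 'b.simon@mail.com' },
  { user_id: 'waad|constructed-1', email: 'B.Simon@mail.com' },         // the user itself
  { user_id: 'auth0|constructed-3', email: 'b.simon@mail.com.example' }, // not equal
];

console.log(buildEmailSearchParams(sampleCurrentUser.email));
console.log(selectLinkCandidates(sampleSearchResult, sampleCurrentUser));
```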


3 participants