[CAL-3600] SAML/SSO idP auto-merging allows slipping of uppercase in email #14833
Labels
authentication
area: authentication, auth, google sign in, password, SAML, password reset, can't log in
🐛 bug
Something isn't working
enterprise
area: enterprise, audit log, organisation, SAML, SSO
High priority
Created by Linear-GitHub Sync
Milestone
When we merge identities in the next-auth-options, if the idP passes email with uppercase characters, it slips the email with uppercase characters and the account merging causes the user's email to be updated with said uppercase characters. This results in a non-usable state of the user's account and in turn creates a new account for the user when attempted to login.
A potential fix is to probably identify the source where email is updated with uppercase and simply force lowercase there.
From SyncLinear.com | CAL-3600
The text was updated successfully, but these errors were encountered: