I have a user with the following properties:
Username(login): myusername@company.com
Firstname: myusername
Lastname: myusername
Primary email(email): myusername@company.com
After some tests, we discovered that they were able to log in with only myusername in the Username field of the login form and their corresponding password.
How did it make the link to the account? Is it somehow with the firstname or lastname fields? Is it because it’s the only profile with myusername as email prefix? If this is the case, what happens if we have two accounts like myusername@companyA.com and myusername@companyB.com?
In any case, I haven’t found a way to disable this in the interface, and I would rather disable this behaviour.
if you have 2 users, then it won’t work anymore. Each one will have to provide full login name (with email prefix). How does your username format configured? Is it “email format” or “no restrictions”? It’s in Profile Editor -> Okta -> Login field
Thanks for the answers. My usernames are configured with email format.
Do you know if we can disable this behavior? It doesn’t look like it will cause problem but it looks like a weird “feature” to begin with.
Hi @mathieuv! @phi1ipp is right Okta accepts partial and full email login as long as it is the only profile with that email prefix. There is no way to disable this but there is a current feature request which you can vote on https://ideas.okta.com/app/#/case/110683.
You can have a Custom Username format. Ask the Support Team to enable the feature. Also, on a different tangent and depends on the use cases which you are trying to solve for e.g. myusername@companyA.com and myusername@companyB.com are trying to access two different applications and then you can use transformUsername function from the JS SDK by adding the different domains per applications.
Try to ask support maybe?