Store Email Address in User ID field

The team that is implementing OKTA in our organization is asking the application folks to store email address in the User ID field in the application’s database’s User Profile table.
Reason is they are going to use the email address as a login username.

Currently we have a user ID stored in there.
Note that we have a separate email address field also in the same table.

We store the value in user ID column (‘jdo’ or ‘asmith’) in all the transaction tables audit columns.
For example we would be storing value ‘jdo’ in CREATE_USER and/or UPDATE_USER field of some transaction table.

If we implement this team’s design we will lose the audit trail (‘jdo’ will be in transaction table and may not relate or become ambiguous to match to or

One way to prevent this is to do a one-time update of all transaction tables’ audit columns from user ID value to email address.

However when a user changes their email address we have to redo this work again to maintain the relationship for auditing.

Is this a good design (asking application team to store email address in User ID field) ?

Please suggest any alternatives.

I think it’s not really an Okta related question, but rather your system design.

After you create a user in Okta with an email in login field, you can’t really change it. You can change email field, if you want, but login/username (in the form of email) will stay the same. Is it OK for you transactional DB, I’m not sure, you need to discuss with your architect. Usually DBs would have some sort of immutable ID as a reference to a user, so that any possible change in user attributes do not hurt your transaction history.

1 Like