Amazon-cognito-identity-js: It shouldn't be possible to create 2 user with the same email but different upper and lower case letters

Created on 13 Sep 2017  路  6Comments  路  Source: amazon-archives/amazon-cognito-identity-js

As the title already reveals. It should not be possible to create multiple accounts if you use different upper and lower case letters but the same email.

Reproduce:

  1. Create user with email [email protected]
  2. Create user with email [email protected]
  3. Check Userpool, both user are created

UsernameExistsException doesn't fire at all and it create both user in my Userpool.

Workaround would be to lowercase all emails on registration but don't really want to do that.

Most helpful comment

Yes, we will add a +1 to the internal feature request on your behalf.

All 6 comments

Hello, thanks for the feedback.
We are considering this change and it is on the roadmap but we cannot comment to when it will be available.

The email on login is also case sensitive. So if you register your account with [email protected] then you must always login with [email protected] and if you try xX360NoScOpE@Gmail.com you'll get a error.

Yes, we will add a +1 to the internal feature request on your behalf.

Same goes to forgot password. I have the email address set as an alias. When the user hit forgot-password, they will get "UserNotFoundException" when the email address's casing does not match with what they registered.

Sooo it's fixed?

@Skaronator We have marked this as a feature request and we will prioritize this case fix. However, we cannot estimate the delivery time at this point.

Was this page helpful?
0 / 5 - 0 ratings