Strapi: register user api throws 400 "Email already taken" but it's not

@hkovacs are the user that you try to register it, is registred like administrator from strapi admin?
I think that this is not an issue. can you move it into discussion?

thanks

@hkovacs are the user that you try to register it, is registred like administrator from strapi admin?
I think that this is not an issue. can you move it into discussion?

thanks

no, the email i tested is also not an admin.

there is no problem with using same email for both admin and user. i have that now without any problems. not the issue here.

i think the issue here is that something is rejecting the registration, but not throwing the correct error.

i would not recommend moving this to discussion until a bug has been clearly ruled out.

thank you!

strange! i mad the same manipulation reset my db and registred a new user via api. and dont have the issue :/

@hkovacs I have the same issue. Have you discovered anything new?

I have tried with various completely unique email address and it keeps giving me the same error.

I even tried turning off One account per email address in _Roles & Permissions > Advanced Settings_ and it's still happening.

@hkovacs I have the same issue. Have you discovered anything new?

I have tried with various completely unique email address and it keeps giving me the same error.

I even tried turning off One account per email address in _Roles & Permissions > Advanced Settings_ and it's still happening.

what strapi version are you using?

i have not found a solution yet.

Same here with v3.0.0-beta.20.3 in docker

strange! i mad the same manipulation reset my db and registred a new user via api. and dont have the issue :/

what version of strapi are you using?

based on the above feedback, there seems to be something wrong.

Same request directly to POST /users, creates the user
It seems to be something related to the registration part

what version of strapi are you using?

I was on Strapi v3.0.0-beta.19.5 when the problem occured.

I couldn't figure it out, even after switching node version from 10 - 12.16.1 (when was looking at the install docs I realized node 12.x was required and my default nvm version was 10.16)

Finally, I started a new strapi project via cli: yarn create strapi-app

Now I'm on Strapi v3.0.0-beta.20.3 … I haven't yet finished building out all my content types, but it's working great so far🤞

I had also read in some other issue (which I don't recall now) that there could be issues depending on relationships (one-to-many etc.) in tables…

ive tried all sorts of fake email addresses to test this and always the same errror Email already taken

i grepd and found 3 results:

node_modules/strapi-admin/controllers/Admin.js:187:          message: 'Email already taken',
node_modules/strapi-admin/controllers/Admin.js:263:            message: 'Email already taken',
node_modules/strapi-admin/controllers/Auth.js:196:        : { id: 'Auth.form.error.email.taken', message: 'Email already taken' };

this is the sort of situation where having a number on the token would make debugging easier to find which of the 3 instances is being triggered... something tells me it is Auth.js but...

anyone know how to do console.log on these? i tried strapi.log.debug("admin.id", admin.id) and rebuilding and restarting strapi but not getting output in the log...

@hkovacs I put directly a console log on the registration part in the modules and I can able to see the mongoose response (node_modules/strapi-admin/controllers/Auth.js:Auth.js line 561).

      ctx.send({
        jwt,
        user: sanitizeEntity(user.toJSON ? user.toJSON() : user, {
          model: strapi.query('user', 'users-permissions').model,
        }),
      });
    } catch (err) {
-->   console.log(err)     
      const adminError = _.includes(err.message, 'username')
        ? {
            id: 'Auth.form.error.username.taken',
            message: 'Username already taken',
          }
        : { id: 'Auth.form.error.email.taken', message: 'Email already taken' };

      ctx.badRequest(null, formatError(adminError));
    }
  },

In my case it was related with some fields I marked as required, put all fields required false and the registration was completed!
This is on version Strapi v3.0.0-beta.20.3

@danibram an error of "email already taken" is not correctly solved by changing user fields required to false.

the code is not working correctly. as i dont know what the intentions of this code are, it is difficult to say what the logic should be. it would be helpful if we got some expert insight here.

@danibram do you have 561 lines in Auth.js?

my node_modules/strapi-admin/controllers/Auth.js only has 357 lines and i find 'Email already taken' @ line 195

@hkovacs Yes, thats why I wrote my version of strapi, in your version the lines of code can change, so find the line in your version and put the console log there

@hkovacs Yes, thats why I wrote my version of strapi, in your version the lines of code can change, so find the line in your version and put the console log there

i am using 3.0.0-beta.20.3 it's curious that you have so many lines of code for the same version. also https://github.com/strapi/strapi/blame/master/packages/strapi-admin/controllers/Auth.js matches my file.

also, did you run a rebuild after you modified your Auth.js file? in which log file did you see the output? im not seeing any output after rebuild and restart of strapi.

@danibram i changed my fields required from true to false and registration via api worked.

however the logic is wrong and not having required field functionality is a problem.

@hkovacs I know, I just giving more information to the developers, and a way for other users to workarround the issue in the meantime.

@hkovacs I know, I just giving more information to the developers, and a way for other users to workarround the issue in the meantime.

agreed...

as am i :)

so i am thinking this was introduced between beta-20 and beta-20.3

i have two platforms running strapi and with beta-20 i am able to register without any problems,
while trying to register with beta-20.3 gives me Email already taken

i am finding that my new registered user records are showing me empty custom fields where the fields were previously required and changed to false to stop the api error.

seems like a really bad bug

strange! i mad the same manipulation reset my db and registred a new user via api. and dont have the issue :/

most likely you dont have any custom fields set to require true.

would be great to see your json and version

please let us know

Facing the same Issue, Any randomly given email id during registration is throwing the "Auth.form.error.email.taken"

I started the project with "3.0.0-beta.20.3" and didn't encounter the issue with the first 2 email registrations.
Today this issue started when I tried to register the third email user.

I was able to reproduce,
It happened to me because I added an additional field "name" to the user collection. once reverted, everything works fine

With the recent changes, for security, only the email, username, and password can be set on registration. If you mark a field as required on the user model, I'm guessing that is the cause of the issue. It would be better to offload some of those extra fields onto something like a profile model.

With the recent changes, for security, only the email, username, and password can be set on registration. If you mark a field as required on the user model, I'm guessing that is the cause of the issue. It would be better to offload some of those extra fields onto something like a profile model.

is there a link to some more reading on this?

thank you!

@derrickmehaffy Yes, that turns out to resolve my problem, I added a name field and made it non-mandatory. I make filling profile names mandatory in frontend and it does the trick.

With the recent changes, for security, only the email, username, and password can be set on registration. If you mark a field as required on the user model, I'm guessing that is the cause of the issue. It would be better to offload some of those extra fields onto something like a profile model.

is there a link to some more reading on this?

thank you!

is there a need for a separate profile model? does that mean that custom fields will be removed from users? would be helpful if there was documentation for whats going on here.

as i see it, the security enhancement created a bug in registration. pre beta-20+ user registration worked with custom fields and now it does not, and the notice presently provided in the response is incorrect.

if in the end custom fields are removed from users, and a profile model is required, there is still a bug for all strapi systems that used registration pre beta-20+. a correct message is needed in the response.

if i had some documentation to guide me, then i would be happy to get my hands dirty to provide a correct response.

Can you please provide step by step to reproduce this issue.

@lauriejim I was debugging this earlier and basically the one way I could reproduce it was to try and send extra fields to the registration endpoint. The reason users get that error is it is the last error catch block before the function ends.

Can you please provide step by step to reproduce this issue.

to summarize, a number of us have found that if we have a custom field in users and it is set to required == true then we get this incorrect error. if we change required to false then the registration saves, but the custom fields are not saved into users.

i have 2 platforms running strapi. prod on beta-3-20 and dev on beta-3-20.3, the prod is able to do registration with all fields into users. dev which has all the updates is not able to register properly.

i did some grepping and the results are in a comment above https://github.com/strapi/strapi/issues/6182#issuecomment-628845062

@derrickmehaffy suggested that new registration security was not allowing custom fields into users anymore. however since custom fields functionality has not been removed from users, i am asking for more guidance on this.

kudos to all the other participants who have provided a bounty of help toward debugging this issue.

thank you!

Can you please provide step by step to reproduce this issue.

to summarize, a number of us have found that if we have a custom field in users and it is set to required == true then we get this incorrect error. if we change required to false then the registration saves, but the custom fields are not saved into users.

i have 2 platforms running strapi. prod on beta-3-20 and dev on beta-3-20.3, the prod is able to do registration with all fields into users. dev which has all the updates is not able to register properly.

i did some grepping and the results are in a comment above #6182 (comment)

@derrickmehaffy suggested that new registration security was not allowing custom fields into users anymore. however since custom fields functionality has not been removed from users, i am asking for more guidance on this.

kudos to all the other participants who have provided a bounty of help toward debugging this issue.

thank you!

I'm facing too and it's a big issue. Personally I don't like the one-to-one relation as a workaround but I fear it's the only one we can implement by now.

Hello! I'm closing this issue because it has been fixed in the stable version of Strapi.
You can add required field in your user mode and add them in your register request body.

https://github.com/strapi/strapi/blob/37e97d621960bb46b998b508029ff4944f6e80ce/packages/strapi-plugin-users-permissions/controllers/Auth.js#L397

Hello! I'm closing this issue because it has been fixed in the stable version of Strapi.
You can add required field in your user mode and add them in your register request body.

https://github.com/strapi/strapi/blob/37e97d621960bb46b998b508029ff4944f6e80ce/packages/strapi-plugin-users-permissions/controllers/Auth.js#L397

Thank you! I look forward to upgrading and testing.

Hello! I'm closing this issue because it has been fixed in the stable version of Strapi.
You can add required field in your user mode and add them in your register request body.

https://github.com/strapi/strapi/blob/37e97d621960bb46b998b508029ff4944f6e80ce/packages/strapi-plugin-users-permissions/controllers/Auth.js#L397

Works! Thank you!

Hello! I am experiencing the same issue with Strapi v3.0.1:
I added a required field to the user model and hit the registration endpoint without providing the required field. I'm getting "Auth.form.error.email.taken" which is not true - the email is not taken and is provided.

When I provide all required data then the registration is successful as described in previous comments. For that reason I think the issue is not resolved with the latest stable version.

Hello! I am experiencing the same issue with Strapi v3.0.1:
I added a required field to the user model and hit the registration endpoint without providing the required field. I'm getting "Auth.form.error.email.taken" which is not true - the email is not taken and is provided.

When I provide all required data then the registration is successful as described in previous comments. For that reason I think the issue is not resolved with the latest stable version.

while you are getting the same message, your use case is different. best to start a new tkt.

Experiencing the same issue with Strapi v3.0.5

Experiencing the same issue with Strapi v3.0.5

please provide details to help us help you... probably best to make a new issue if you are getting this in 3.0.5

What I noticed is like some said above, If I add a required field to the User collection type, it returns the error message "Email already taken".

What I noticed is like some said above, If I add a required field to the User collection type, it returns the error message "Email already taken".

what are your system details? you can see your strapi version in the bottom left of the strapi admin page.

I just updated to Strapi v3.0.6, and tested again, still the same. I'm running this on Fedora 32:

Linux localhost.localdomain 5.6.19-300.fc32.x86_64 #1 SMP Wed Jun 17 16:10:48 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

I just updated to Strapi v3.0.6, and tested again, still the same. I'm running this on Fedora 32:

Linux localhost.localdomain 5.6.19-300.fc32.x86_64 #1 SMP Wed Jun 17 16:10:48 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

if you're getting this on 3.0.6 then your best be is to make a new bug issue.

@matrixersp in this case @hkovacs is correct, please open up a new issue, if it relates to an already closed one just reference it in the new issue.