[Authentication] Deleted user can be recreated? User already exists error with LDAP?
#8931
-
|
Hi all, I saw this in your documentation:
Is this still valid? Locally I tested deleting my user (created with OIDC) and I could log in (my user was recreated) again without problems. I prefer it this way though. The image I used is: I needed this because if I updated my Thanks in advance! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
Hi @anichucai! I'm Dosu and I’m helping the phoenix team. The documentation about deleted users being permanently blocked and unrecoverable is outdated for OIDC/OAuth2 users. In the current Phoenix backend, deleting a user removes their record from the database, and there is no logic to block or reserve their email or username. If allow_sign_up is enabled, a deleted OIDC user can log in again and be recreated with the same identifiers, which matches what you observed locally. The "User already exists" error happens if a user with the same email or username is still present in the database—this can occur if the user wasn't deleted properly or if there's a conflict after changing There is no evidence of a blocklist or permanent reservation of deleted user identifiers for OIDC/OAuth2 users in the codebase, so the behavior you prefer is actually how Phoenix works today. The To reply, just mention @dosu. How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other |
Beta Was this translation helpful? Give feedback.
-
|
Thanks @anichucai. I believe the docs are incorrect here. You should be able to recreate users with a deleted email. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for your answer! |
Beta Was this translation helpful? Give feedback.
Thanks @anichucai. I believe the docs are incorrect here. You should be able to recreate users with a deleted email.