Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User Import API Email Validation #2601

Closed
matt1hathcock opened this issue Jan 4, 2024 · 4 comments
Closed

User Import API Email Validation #2601

matt1hathcock opened this issue Jan 4, 2024 · 4 comments
Labels
working as designed

Comments

@matt1hathcock
Copy link

matt1hathcock commented Jan 4, 2024
edited by mooreds
Loading

User Import API Email Validation

Description

I can import a user with a non-standard email format such as markdown text:

[[email protected]](mailto:matt%[email protected])

When I go to edit this user in the Admin UI I am unable to make changes and save the user because the email now fails validation.

User create/update API fails with an invalid email. Admin UI fails to create/update user with invalid email. Client libraries fail to create/update user with invalid email.

Affects versions

Current version 1.48.3.

Steps to reproduce

Steps to reproduce the behavior:

  1. Import User with Postman
  2. Get 200 ok
  3. Search user in Admin UI
  4. Click to Edit User
  5. Click to Save User

Expected behavior

User import should fail if the email is not a valid format.

Screenshots

Screenshot 2024-01-04 at 3 12 10 PM

Platform

  • macOS
  • Chrome Version 120.0.6099.129

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

Additional context

Issue may be impacting elasticsearch querying as well in recent issue here: FusionAuth/fusionauth-typescript-client#96

This is where we initially discovered the email formatting and tested how this got into the database.
@robotdan
Copy link
Member

robotdan commented Jan 5, 2024
edited
Loading

I believe this is working as designed. The Import API in some areas is intentionally less strict than the User Create / Update to allow imports to go more smoothly.

It can be very difficult to know what a valid email address looks like. While this one is quite obviously not valid - it is not always that simple. The best way to tell if an email is valid is to validate it by trying to send something to it.

If you are importing an email address, we make the assumption that "you" the developer thought this email address was valid at some point in time because you had it your data model.

I would prefer to leave this behavior as is because it affords us some flexibility in allowing you to bring data into FusionAuth. It is up to the one using the Import API to ensure the data is correct and pristine to the best of their knowledge.

If there is a use case for changing our behavior instead of just asking the developer to validate their own data prior to importing the data to FusionAuth let's document that here and then we can review this further.

@matt1hathcock
Copy link
Author

thanks @robotdan ok to close I assume

@idasilva
Copy link

i'v been working on a migration project to FusionAuth and needed to get existent users with a non-standard email format, the import api was very import.

@mooreds
Copy link
Collaborator

mooreds commented Jul 18, 2024

@idasilva thanks for using FusionAuth. If you have an issue or feature request, please open a new issue rather than commenting on an old issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
working as designed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mooreds @robotdan @matt1hathcock @idasilva