Username can only contain alphanumeric characters and '_', ' ', '-', or '.'.

I’m currently in the final stages of putting together a new authentication system using Auth0 and have run into an issue where it seems we can’t enter an email address into the username field.

Some background. I’m working with a legacy dataset that allows users to login with a username but this has caused some issues so we’ve decided that going forwards all usernames were to be the users email address. Whilst we could just map the login to the email address field in Auth0, we do have a large number of users that would be logging in with a normal username and not a password.

Is there any way around this? For what it’s worth we’re using the API and not lock

What you are experiencing is expected - the username field does not support email addresses. In saying that, we support authentication with Username, as well as email addresses.

If your connection has the Requires Username setting enabled, Auth0 will attempt to log the user in using the username parameter passed to the login endpoint, with both the username and email fields of the user profile.

E.g.

Sample user
username: batman
email: bruce@wayne.com

A login call to /oauth/ro with username parameter of batman will successfully login. So will a login call with username parameter of bruce@wayne.com. This should satisfy the requirement to login using Username or email address.

I’ve put a workaround in place for this by disabling new users from being able to set a username and also by stopping anyone from modifying their username, all new accounts will be created with their email address and in the background we are swapping out the @ in the email address with a + so that there is still a valid username being saved and passed. Not an ideal fix but works for what we have.