
force-unique-email-across-social-identities - unique email address restriction can be bypassed

Open ablanken-equinox opened this issue 3 years ago • 2 comments

If a user signs in with a social media account + email address that matches a local account with the same email, an error message is displayed as intended.

On the error screen, however, you can press F5 to refresh the page, and the user can continue to add the social media account with a non-unique email address.

ablanken-equinox avatar May 23 '22 13:05 ablanken-equinox

You can add a dummy outputClaim in the technical profile which displays the error. Add the required="true" flag to this output claim. I will update the sample to reflect.

JasSuri avatar May 23 '22 19:05 JasSuri

Thanks Jas - I'll look forward to seeing the updated sample. Cheers

ablanken-equinox avatar May 26 '22 09:05 ablanken-equinox