Case sensitivity in user email hash leads to inconsistent permissions with multiple identity providers #7617

@soer3n

What happened

The mechanism used to create a new user object in KKP is based on sha256.Sum(..), which is case-sensitive. The SHA-256 hash is calculated using the user's email address. This can lead to problems when assigning permissions later if a user uses two or more identity providers and the email addresses differ only in capitalization. One customer reported that in this case, permissions were being assigned randomly.

Internal Reference: 8384

Expected behavior

Regardless of uppercase or lowercase letters, it should refer to the same user.

How to reproduce

Environment

  • UI Version: v2.28.3
  • API Version: v2.28.3
  • Domain:
  • Others:

Current workaround

Affected user persona

Business goal to be improved

Metric to be improved
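
The behavior reported above, as an added example that is not KKP's code and not part of the original report: hashing the raw address gives one identifier per capitalization, hashing a lower-cased address gives one identifier per user, and grouping by the normalized hash lists existing records that would need reconciling. The function names, the hex encoding and the use of `sha256.Sum256` for the call the report writes as `sha256.Sum(..)` are assumptions; the addresses are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// userID hashes the e-mail exactly as the identity provider sent it.
func userID(email string) string {
	sum := sha256.Sum256([]byte(email))
	return hex.EncodeToString(sum[:])
}

// normalizedUserID trims and lower-cases first, so case no longer matters.
func normalizedUserID(email string) string {
	return userID(strings.ToLower(strings.TrimSpace(email)))
}

// findCaseCollisions groups distinct raw addresses that share a normalized
// ID; each group is one person who currently has several user objects.
func findCaseCollisions(emails []string) map[string][]string {
	groups := map[string][]string{}
	seen := map[string]bool{}
	for _, e := range emails {
		if !seen[e] {
			seen[e] = true
			k := normalizedUserID(e)
			groups[k] = append(groups[k], e)
		}
	}
	for k, g := range groups {
		if len(g) < 2 {
			delete(groups, k)
		}
		sort.Strings(g)
	}
	return groups
}

// sampleEmails is constructed input: the same mailbox from two providers.
var sampleEmails = []string{"Jane.Doe@example.com", "jane.doe@example.com", "bob@example.com"}

func main() {
	for id, g := range findCaseCollisions(sampleEmails) {
		fmt.Printf("%s... <- %v\n", id[:12], g)
	}
}
```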

Labels: customer-request, kind/bug, sig/ui
