
I have created a simple first login flow for the external IdP (Google). You can see the config on the screenshot.

The problem: If I have 2 users with such creds

username              email               id
email-3.host.com      email-1.host.com    id-1    (this user changed username manually)
email-2.host.com      email-2.host.com    id-2

And then, if I log in with Google as email-3.host.com, it will change the user with id-1 by re-assigning the email from email-1 to email-3, because it will assume that the user with username email-3.host.com already exists. And I will have this set of users now:

username              email               id
email-3.host.com      email-3.host.com    id-1
email-2.host.com      email-2.host.com    id-2

Whereas what I want to have is:

username              email               id
email-3.host.com      email-1.host.com    id-1
email-2.host.com      email-2.host.com    id-2
email-3.host.com.01   email-3.host.com    id-3

Basically I want to have an extra step where Keycloak will ask the user to type a username, ensure it's unique, and never assume that the user already exists by comparing Google's IdP email with the username. The current flow allows stealing the account of the user with id-1, and does not allow choosing one's own username (without entering everything like password, name, surname). Any ideas how to achieve that?


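The account-linking problem in the question, modelled as an added example (not code from the question, and not Keycloak's own first-broker-login implementation). The `User` and `BrokeredIdentity` structures, the `email_verified` flag and the provider/subject pair are assumptions of this model; Keycloak's real flow steps (Review Profile, Create User If Unique, Confirm Link Existing Account) are not reproduced exactly. The insecure lookup treats an IdP email that equals a local username as "user already exists" and overwrites that user's email, which is how id-1 changes hands; the hardened lookup only returns an account that is already linked to this provider and subject, links on a matching, verified email and never on the username column, and otherwise creates a new account with a username the user chose (rejected if taken) or the IdP email suffixed until unique.

```python
"""Model of the first-broker-login user lookup from the question.

Constructed example, not Keycloak's code. It contrasts a lookup that matches
the IdP email against the local *username* with one that links only on a
stored federated identity or a verified, matching *email*.
"""
from dataclasses import dataclass, field


@dataclass
class User:
    id: str
    username: str
    email: str
    federated_ids: dict = field(default_factory=dict)  # provider alias -> IdP subject


@dataclass
class BrokeredIdentity:
    """What the broker hands to the first-login flow (constructed values)."""
    provider: str
    subject: str
    email: str
    email_verified: bool


def seed_users():
    """The two accounts from the question; id-1 changed its username by hand."""
    return [
        User("id-1", "email-3.host.com", "email-1.host.com"),
        User("id-2", "email-2.host.com", "email-2.host.com"),
    ]


def insecure_first_login(users, ident):
    """Flawed lookup: the IdP email is compared with the local username as well
    as the email column. A hit is treated as "this user already exists" and the
    stored email is overwritten, which is exactly how id-1 gets taken over."""
    for u in users:
        if ident.email in (u.username, u.email):
            u.email = ident.email
            u.federated_ids[ident.provider] = ident.subject
            return u
    new = User(f"id-{len(users) + 1}", ident.email, ident.email,
               {ident.provider: ident.subject})
    users.append(new)
    return new


def unique_username(users, base):
    """Derive a free username from base by appending .01, .02, ... if needed."""
    taken = {u.username for u in users}
    if base not in taken:
        return base
    n = 1
    while f"{base}.{n:02d}" in taken:
        n += 1
    return f"{base}.{n:02d}"


def safe_first_login(users, ident, chosen_username=None):
    """Hardened lookup, in priority order:
    1. an account already linked to this provider+subject is returned as is;
    2. an account whose *email* equals the IdP email is linked, but only when
       the IdP asserts the email is verified (the username column is never
       consulted);
    3. otherwise a new account is created. A username typed by the user must be
       unused (ValueError asks them to pick another); with none typed, the IdP
       email is used and suffixed until unique."""
    for u in users:
        if u.federated_ids.get(ident.provider) == ident.subject:
            return u
    if ident.email_verified:
        for u in users:
            if u.email == ident.email:
                u.federated_ids[ident.provider] = ident.subject
                return u
    taken = {u.username for u in users}
    if chosen_username is not None:
        if chosen_username in taken:
            raise ValueError(f"username {chosen_username!r} is already taken")
        username = chosen_username
    else:
        username = unique_username(users, ident.email)
    new = User(f"id-{len(users) + 1}", username, ident.email,
               {ident.provider: ident.subject})
    users.append(new)
    return new


if __name__ == "__main__":
    google = BrokeredIdentity("google", "sub-3", "email-3.host.com", True)
    bad = insecure_first_login(seed_users(), google)
    print("insecure:", bad.id, bad.username, bad.email)   # id-1 re-pointed
    users = seed_users()
    good = safe_first_login(users, google)
    print("safe:", good.id, good.username, good.email)    # new id-3 account
```

Running the module prints the two outcomes side by side: the insecure lookup returns id-1 with its email rewritten to email-3.host.com, while the hardened lookup leaves id-1 untouched and creates id-3 as email-3.host.com.01, the result the question asks for. A second login with the same Google subject then returns id-3 directly through the stored federated identity, and an unverified IdP email is never used to link to an existing account.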