This article addresses an issue that arises when using the Account Linking Extension to link two accounts that have the same email.

• Identity Provider (IdP)
• Account Linking Extension
• Case Sensitivity

Currently, the extension (both in the rules and in the backend) searches for identities with the same email address using the GET /api/v2/users-by-email endpoint.

While this endpoint is efficient, the search it performs is case-sensitive. This can be a problem for some enterprise identity providers that provide the email address in a capitalized form (For example, John.Doe@domain.com instead of john.doe@domain.com).

This is currently a limitation of the extension, and there is a backlog item to address this issue. Please contact Auth0 Support for an update.