This came up today for nextflu-private and also earlier for wadoh-private, so I figured it's worth a short discussion to potentially improve things.

Background

Usernames and emails in our Cognito user pool are case sensitive¹, meaning it is valid to have two users with usernames john.doe and John.Doe, and similarly with emails [email protected] and [email protected].

Technically, email addresses are cases sensitive, but it's complicated and it seems like many major email providers treat them as case insensitive when receiving.

¹ I think this was simply the default when the user pool was created in 2019, though it could have been intentional?

Possible solutions

In practice, I don't think most users would benefit from having two usernames/emails with different casing, so we should try to avoid such situations.

1. ⛔️ Use a case-insensitive user pool.
   • It's not possible to change a case-sensitive user pool to case-insensitive. The workaround of migrating to a new user pool seems overkill.
2. Automatically flag case-insensitive duplicates before creating the members in Cognito.
   • This is well-suited for #987.
3. Automatically lowercase usernames and emails in scripts/provision-group.
   • This avoids the need for #987, but I think it's too automatic and makes a broad assumption that everyone wants lowercased usernames and emails.