Specify a Different Login Identifier
System administrators can specify a field other than user ID as the identifier used at login, both for local login and SAML single sign-on. To change the login identifier, set the authentication.keyField property in the /WEB-INF/conf/ekp.properties file to one of the fields in the table below.
When users log in to the LMS, instead of entering their LMS user ID and password, they are prompted to enter the field defined in the authentication.keyField property.
With the exception of user ID, it is not guaranteed that these fields will have unique values. Logging in using any of these fields will fail unless there is exactly one user account with the appropriate field value.
Table: Allowed Login Identifiers
| Field | authentication.keyField Value |
| User ID (default) | UserID |
| Email address | |
| User attribute 1 | UserAttr1 |
| User attribute 2 | UserAttr2 |
| User attribute 3 | UserAttr3 |
| User attribute 4 | UserAttr4 |
| User attribute 5 | UserAttr5 |
| User attribute 6 | UserAttr6 |
| User attribute 7 | UserAttr7 |
| User attribute 8 | UserAttr8 |
| User attribute extension | UA-{label} (for example if the attribute extension label is MyAttributeExtension then use UA-MyAttributeExtension) |
Impact on SAML Single Sign-on
The identity provider will need to provide a value for the field used as the login identifier.
Do not enable updates for a field that is being used as the identifier. For example, the following configuration would be invalid:
# Invalid configuration
authentication.keyField=Email
authentication.attribute.Email.allowUpdate=true
Impact on Local Login
The supplied login name is first checked against the user ID as normal. If there is no active account with the corresponding user ID, and a different field is specified for authentication.keyField, the LMS looks for a user account with the corresponding value for the specified field, and will use it only if there is exactly one account with the matching value.