Skip to content

UserOptions.AllowedUserNameCharacters should be marked as allowing null. #64078

New issue
New issue
Open
Open
UserOptions.AllowedUserNameCharacters should be marked as allowing null.#64078
Labels
api-suggestionEarly API idea and discussion, it is NOT ready for implementationarea-identityIncludes: Identity and providers
@justindbaur

Description

@justindbaur
justindbaur
opened on Oct 16, 2025

Background and Motivation

UserOptions.AllowedUserNameCharacters is marked as not allowing null to be assigned to it but the code consuming this property treats a null or empty as all characters being allowed in the username.

aspnetcore/src/Identity/Extensions.Core/src/UserValidator.cs

Line 61 in b50ab86

else if (!string.IsNullOrEmpty(manager.Options.User.AllowedUserNameCharacters) &&

Proposed API

namespace Microsoft.AspNetCore.Identity;

public class UserOptions
{
+    public string? AllowedUserNameCharacters { get; set; }
-    public string AllowedUserNameCharacters { get; set; }
}

Usage Examples

services.Configure<IdentityOptions>(options =>
{
    // Allow all characters in usernames
    options.User.AllowedUserNameCharacters = null;
});

Alternative Designs

null can still be disallowed and an empty string should be used to denote that all characters are allowed in usernames.

Risks

There should be no risks, the property will still retain its same default set of characters it will just not cause nullable reference types warnings when null is set to it.

There are already tests using null as a value here.

Metadata

Metadata

Assignees

No one assigned

    Labels

    api-suggestionEarly API idea and discussion, it is NOT ready for implementationarea-identityIncludes: Identity and providers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions