Technical Trigger
The introduction of username changes for Google Accounts affects the email claim in the ID token provided by the Google Sign-in API. When a user changes their username, the email claim may return the new email address instead of the old one, potentially causing issues for platforms that rely on email addresses as the primary identifier.
Developer / Implementation Hook
Developers can prepare for this change by updating their authentication flows to use the sub claim (subject ID) as the primary identifier for users. This can be done by modifying the Google Sign-in API integration to request the sub claim and store it as the primary key for user accounts. Additionally, developers can implement email-based account recovery to handle cases where users have changed their email addresses.
Structural Shift
The ability for users to change their Google Account username represents a shift from email-based identification to more robust and stable identifiers like subject ID.
Early Warning — Act Before Mainstream
To prepare for this change, developers can take the following steps:
1. Update their Google Sign-in API integration to request the sub claim and store it as the primary key for user accounts.
2. Implement email-based account recovery to handle cases where users have changed their email addresses.
3. Review and update their authentication flows to handle the potential changes in the email claim returned by the Google Sign-in API.