Not sure what you mean by this. Are you talking about the setting “sso overrides email”?
That would only take effect when/if the user actually logs in. So emails would still bounce while the email is wrong.
If you are possibly talking about “POST admin endpoint /admin/users/sync_sso to synchronize an SSO record” that would mean I would have to force one or all users from the SSO software I guess. Given the problems with SSO emails syncing it’s not the first option I would try.
Anyway, because of the problem described earlier in this topic I now have “sso overrides email” off and let users change their emails themselves. So I don’t want to override from SSO anymore.
But all this is missing the point, that the users bouncing mails are generated on the fly, as needed. The easiest way would be to allow a change to the email without authentication (at least for admins - or admins would have a choice).
Side note: I have tried giving an empty email address but the system does not allow for that. I understand the email address is so critical is should not be empty. BUT, if you really give an empty email (at least as an admin), one could assume you know what you are doing.
Just to confuse things more, I actually have users that do not have an email account, only access to a browser. Think refugees here and you might understand why. It is far easier to just allow someone to login and read instructions in their own language than to try and explain to them they need to make a gmail account or something.
In any case, this is theoretical, I doubt many people have the same problem. I would say it’s simply too strict even for admins, IMHO.
(sorry about the reply time, with more free time the world would be perfect)