We’ve seen this error before, I just did a search on our ticketing system.
This happens when you have
- require activation set to true
- a user U1 on Discourse with a specific email address, possibly with external ID A.
- a user U2 on the DiscourseConnect provider side with the same email address and a different external ID (B)
The user logs in, Discourse checks if there is a user with external ID B, it does not exist.
Normally Discourse will perform a match on email as a next step but since require activation is set the email address is untrusted and it skips this step and it will not associate with user U1 because it would allow for account hijacking.
So Discourse decides to create a new user. That fails because user U1 already exists with that email address.
It would be good if there was a better error in case the email does exist but the email is untrusted. I’m also unsure why it shows a generic Rails error.
Resolutions:
- if your email addresses on DiscourseConnect provider side are verified and can be trusted, set require activation to false.
or - change the external ID for user U1 to B
or - change the email address for user U1 to something else
Adding the text “the change you wanted was rejected” so this topic will be found when someone searches for this error.