Unique Username Generator Rule

:spiral_notepad: Description Use this rule when a unique username is needed on a Source.
:balance_scale: Legal Agreement By using this CoLab item, you are agreeing to SailPoint’s Terms of Service for our developer community and open-source CoLab.
:hammer_and_wrench: Repository Link https://github.com/sailpoint-oss/colab-rules/blob/main/cloud-executed-rules/AttributeGenerator/Rule-AttributeGenerator-UsernameGenerator.xml
:open_book: New to Rules in the CoLab? Read the getting started guide for Rules in the CoLab.
:hospital: Supported by Community Developed


The unique username generator rule will generate a unique username for an Active Directory source.


  • Access to IdentityNow


With this rule you’ll be able to generate a unique username and check for uniqueness for an Active Directory source.

The unique username will be generated as follows.

  • Retrieve the first name, last name and other name of the user.
    • Remove diacritical marks and remove any characters outside the range [a-zA-Z0-9]
  • If the other name is not available, use the first name.
  • First, check the length of (othername | firstname).lastname. If it is greater than 12 then use the first 12 letters of the first name, add a period . and append the first character of the last name. Convert to lowercase. Check for uniqueness.
  • If it is not unique then use the first 12 characters of the first name and add a period . and append the second character of the last name. Convert to lowercase. Check for uniqueness.
  • Follow this pattern until a unique username is found. If all characters of the last name are exhausted, return null.

This is excellent, thank you so much for sharing
my java is not strong enough, how does this rule treat names that contain a character with an accent like “é”?

Hello @paziz_lob,

In this particular rule there is sanitization that will remove all characters that are not within the following ranges a-z, A-Z or 0-9 this will remove characters with diacritical marks like you’ve shown.

1 Like

This is great but what do you think if I add this to the rule?
This way é gets replaced with e
do you think this would work?

import java.text.Normalizer;

firstName = (Normalizer.normalize(firstName, Normalizer.Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", ""));
lastName = (Normalizer.normalize(lastName, Normalizer.Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", ""));
firstName = firstName.replaceAll("[^a-zA-Z0-9]", "").toLowerCase();
lastName = lastName.replaceAll("[^a-zA-Z0-9]", "").toLowerCase();

That would be a great addition to the rule, I tested it out and it works well!

If you’re comfortable with creating a PR to add this new code feel free, otherwise I can take care of it for you. I would add it to the sanitation checks like below:

if(firstName != null) {
    firstName = (Normalizer.normalize(firstName, Normalizer.Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", ""));
    firstName = firstName.replaceAll("[^a-zA-Z0-9]", "");

if(lastName != null) {
    lastName = (Normalizer.normalize(lastName, Normalizer.Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", ""));
    lastName = lastName.replaceAll("[^a-zA-Z0-9]", "");

if(otherName != null) {
    otherName = (Normalizer.normalize(otherName, Normalizer.Form.NFD).replaceAll("\\p{InCombiningDiacriticalMarks}+", ""));
    otherName = otherName.replaceAll("[^a-zA-Z0-9]", "");

@tyler_mairose Thank you so much for testing it out, you saved me a ton of time and tickets :slight_smile:
please feel free to take care of it and use it in your code


My pleasure, thank you for your contribution!

What happens in the scenario when you run out of letters of the surname? ie There are 6 ‘Sam Smith’ in your database Do they not get a username?
Why not add a number afterwards and then you’ll never run out of options

1 Like

@phil_awlings that’s a great edge case and suggestion for improvement! Would you be interested in making a pull request for this change?

Hi Jordan,

Absolutely, How would I go about doing that?


1 Like

Hey @phil_awlings , You can make a PR against the rule here!