Why does upstream OAuth registration limit username to 14 characters?

[matrixbot]

This issue was originally created by @eforest at https://github.com/matrix-org/matrix-authentication-service/issues/2454.

Why does upstream OAuth registration limit username to 14 characters? Is there any reason regarding integration with matrix-home-server?

see https://github.com/matrix-org/matrix-authentication-service/blob/main/policies/register.rego [21-23]

Best Regards

[matrixbot]

This comment was originally posted by @sandhose at https://github.com/matrix-org/matrix-authentication-service/issues/2454#issuecomment-2003590642.

I think this is a leftover from when I implemented the policy engine. There are no good reason for this arbitrary limit

[matrixbot]

This comment was originally posted by @sandhose at https://github.com/matrix-org/matrix-authentication-service/issues/2454#issuecomment-2003610887.

2471 bumped the limit to 64 characters. It's still a somewhat arbitrary limit, but probably better than before. I need to investigate what would be the impact of a very very long MXID

[matrixbot]

This comment was originally posted by @thegcat at https://github.com/matrix-org/matrix-authentication-service/issues/2454#issuecomment-2048401685.

Quick heads-up here as we ran into the other side of the problem (a user with a 2-character username getting bumped by MAS, issue incoming): the spec only limits the total length of the MXID to 255 characters, so the upper bound for a username would be 255 - length of the server name - 2.