Duplicate Email addresses not flagged in Summary Report (changeyouremail@scoutbook.com)

We have about 1250 counselors in our Council MBC upload. In that group, 11 counselors show up with the “chageyouremail@scoutbook.com” error, and 5 have the "changemyemail@scoutbook.com errors. (Why the different wording?)

I only discovered this problem when I was browsing thru the Scouting Forums and happened across a description of this issue. Once I learned of the issue, I downloaded our current MBC list from ScoutBook and discovered we have 16 users with the duplicate email addresses. This was not mentioned in any of the documentation on ScoutBook that I have read.

  1. The preliminary Summary Report file generated during MBC Upload does not flag this as an error. It should flag this duplicate email error just like it flags missing BSA MemberIDs, bad Badge names, etc.

  2. We need a way to identify which accounts in ScoutBook use a shared email address. Otherwise, how can we direct the user to the accounts that need to change. In looking thru the documentation and this Forums, I could not find out how to identify the accounts that share an Email address. The error should return some identifier (user name, BSA MemberID, ??) of the accounts that share the requested Email address.

  3. Why does ScoutBook require that Email addresses be unique? If it requires a Unique identifier for each user, it shouild generate its own unique identifier. Or better yet, use one of the already available ones like BSA MemberID. Using the Email address creates an opportunity for users to cause problems. (Witness our 16 users.) It also presents opportunities for users to break the existing system when they change their Email address. And finally it appears to be common for families to create an Email for Scouting, and share it between the parents, and maybe the scouts.

Thanks,
Greg Buchanan

In practice, there’s no way to figure out what’s a shared email address and what isn’t until a second user attempts to use it and it gets kicked back. A lot of these happen when the registrar gets an adult or youth application that “re-uses” an email already in the system. It seems like these would need to be addressed by specifying, on the application, that all email addresses must be unique for each person. Then, if a non-unique email address comes in, the registrar kicks it back to the unit/MBC to request a unique email address. That might not be practical, and would have costs (e.g. delays, extra work) associated with it.

Other email address issues happen when an adult logs in at my.scouting to take YPT prior to registering, and uses a shared (or non-matching with their existing Scoutbook account) email address there. Again, there needs to be clear instructions there, in a place the user will actually read them, setting forth the limits on the email address that can be used, and then running a real-time database query to make sure it’s not already in use with another user/account. If it is, let the person know it’s already in use.

As an assistant registrar for our council, I am fairly sure that ScoutNet does not require or enforce uniqueness in Email addresses. This is something that ScoutBook has imposed. And I guess I don’t understand why ScoutBook feels Emails must be unique.

At first I thought they might be using it as a unique identifier in ScoutBook. But I have now looked at some of MBC ScoutBook istings for counselors with the “Changeyouremail@scoutbook.com” and they show up just fine, but with the useless “changemyemail@scoutbook.com” listed as their Email. So if Scoutbook functions correctly with our 16 counselors all sharing the “changemyemail@scoutbook.com”, why can’t if function correctly with two accounts sharing an email?

1 Like

Consider the following hypothetical:

  1. Non-leader Parent1 registers in Scoutbook with email1@anyispyouchoose.com.
  2. Scout is added to Scoutbook, and Parent1 sets Scout’s email address to email1@anyispyouchoose.com.
  3. Non-leader Parent2 registers in Scoutbook with email1@anyispyouchoose.com.

Now, since none of these folks are leaders, they login with their email addresses, not my.scouting credentials. Which account does the system serve in exchange for that username AKA email address?

  • Parent1?
  • Scout?
  • Parent2?

When someone emails the parents (but not scouts) from Scoutbook, with the intention to discuss things that are not intended to be discussed with the scouts, if a scout shares that email address with a parent, they will also receive the email intended to just go to parents.

ETA:

Sorry, I missed the tail-end of your question when I read it the first time. I’ll say that it doesn’t function properly with the bogus email addresses, not if those counselors tried to login with those email addresses. Rather, the counselors log in (assuming they login) with their my.scouting credentials, which are required to be unique.

Charley, I fully understand the need for uinque Login names. I complete spaced out that ScoutBook is suggesting an Email address as the user name. (I haven’t typed a Username in ages. I let LastPass do it for me.) However, I am pretty sure it does not require it to be an Email, it just it needs to be unique. For example my login name for ScoutBook is not a complete email address. It is just my username without the “@gmail.com”. And it works just fine. My Email address configured in ScoutBook is different from my login name.

So back to the issue of duplicate Emails. Yes I understand that my ScoutBook User name must be unique in ScoutBook. And that a good way to get people to create a unique user names is to use a complete Email addresses as a user ID. But I fail to see why Scoutbook requires that no one else in ScoutBook share my Email address, which is set on the My Account → Email field of ScoutBook. User names and Emails are completely separate items.

Greg

1 Like

Historically (before the BSA purchased it), Scoutbook required a complete email address (username and domain) for every user as their username. Otherwise, myname@gmail.com would be the same account as myname@hotmail.com, when in fact those might be two different people. It didn’t offer an alternative to use a non-email address. I suspect it was deemed easier to use the email address as a username, since each person presumably remembers their own email address better than they might recall yet another username. Not everyone uses credential management systems.

However, after the BSA purchased Scoutbook, they began transitioning to using single-sign-on authentication based on our my.scouting credentials for registered leaders, and retained the email address as username for everyone else (unless that person also has a my.scouting account for another reason, but that’s somewhat different). Since leaders need to be emailed, too, email addresses were retained as part of the messaging system.

Based on your description, I would conclude that your my.scouting username is the same as the username portion of the email address that you are using, although I can’t prove that. I assume it works the same way for authentication of council admins as it does for other leaders.

Regarding why Scoutbook was architected to compel unique email addresses, I would conclude that it’s easier to store one email address, and use it as both username and messaging target than it is to store one email address as “credentials” and another as “message target”, when for the majority of people, these values will be the same. It’s extra overhead that isn’t generally necessary and adds a lot more complexity on both the user side and developer side associated with managing both emails for different purposes. I can see situations where information I want to share with unit leaders (for example a disciplinary matter or health issue related to my scout), but not with non-leader parents in the unit, is being transmitted over email via the messaging feature in Scoutbook. A non-leader parent who shares an email account with an adult leader would receive that information. Similarly, if one of them decided they didn’t want to receive Scoutbook emails (or just clicked it by mistake), they set the “unsubscribe” flag for the non-unique email address, and now Scoutbook doesn’t email either of them. I can see a lot of potential use cases where unique email addresses are essential to avoiding (or at least minimizing) problems.

Usernames and emails are only completely separate items for the minority of us who are registered leaders. For every parent-who-isn’t-a-leader and every scout who doesn’t have an account at my.scouting, username = email address. For that reason, I expect that they have to enforce uniqueness of email addresses. If they want to overhaul the entire system and go to unique usernames which may be unrelated to email addresses, I suppose they could do that, but I don’t see what that really buys anyone, unless it’s associated with having an SSO system implemented, so that only one authentication database is maintained. That would require everyone to have the equivalent of my.scouting credentials, that they would then have to remember.

I’m not arguing there aren’t other ways to architect the credentials system. It’s just not structured that way, and there are at least several cases I can think of off the top of my head that could cause problems if shared email addresses were permitted.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.