Hi Julie,

Looking at the IdP v5.0.14 source code, I can give you a precise answer on where this limit comes from.

Root cause

The limit is not in the IdP component itself. The component's UserData.ExternalId field is plain Text with no restrictive length. The bottleneck is the platform's ossys_user.External_Id database column, which is constrained to 36 characters (GUID-length by design). This is a platform-level schema constraint that no Forge component can change.

The v5.0.14 release note about "improved session registration code to prevent truncate errors" means they added error handling so the truncation no longer crashes the login flow. But the underlying limit remains, because the ossys_user table is owned by the OutSystems platform, not by the component.

Asking the component authors to "update the field to 254 chars" is not in their power to do.

If you want the platform to support longer External_Id values, the right  channel is https://www.outsystems.com/ideas/.

Practical workaround (no component customization needed)

The IdP's Config_UserMappings lets you map SAML claims to user fields independently. The key insight: ossys_user.Username supports up to 250 characters, which comfortably fits RFC 5321 email addresses.

Reconfigure your claim mappings in the IdP backoffice:

1. Map the long email address to Username_Attribute instead of ExternalId_Attribute. This writes to ossys_user.Username (250 chars).

2. For ExternalId_Attribute, use a shorter identifier from your IdP (employee ID, short UPN) or leave it unmapped if your setup doesn't require it.

This is purely a configuration change. No OML customization, no component forking.

Let me know if the mapping reconfiguration works for your setup.