diff --git a/models/user_mgmt.go b/models/user_mgmt.go
index a928f528..a87a0f4b 100644
--- a/models/user_mgmt.go
+++ b/models/user_mgmt.go
@@ -138,17 +138,17 @@ type UserGroup struct {
 
 // User struct - struct for Users
 type User struct {
-	UserName           string                                `json:"username" bson:"username" validate:"min=3,max=40,in_charset|email"`
-	ExternalProviderID string                                `json:"external_provider_id"`
-	Password           string                                `json:"password" bson:"password" validate:"required,min=5"`
-	IsAdmin            bool                                  `json:"isadmin" bson:"isadmin"` // deprecated
-	IsSuperAdmin       bool                                  `json:"issuperadmin"`           // deprecated
-	RemoteGwIDs        map[string]struct{}                   `json:"remote_gw_ids"`          // deprecated
-	AuthType           AuthType                              `json:"auth_type"`
-	UserGroups         map[UserGroupID]struct{}              `json:"user_group_ids"`
-	PlatformRoleID     UserRoleID                            `json:"platform_role_id"`
-	NetworkRoles       map[NetworkID]map[UserRoleID]struct{} `json:"network_roles"`
-	LastLoginTime      time.Time                             `json:"last_login_time"`
+	UserName                   string                                `json:"username" bson:"username" validate:"min=3,max=40,in_charset|email"`
+	ExternalIdentityProviderID string                                `json:"external_identity_provider_id"`
+	Password                   string                                `json:"password" bson:"password" validate:"required,min=5"`
+	IsAdmin                    bool                                  `json:"isadmin" bson:"isadmin"` // deprecated
+	IsSuperAdmin               bool                                  `json:"issuperadmin"`           // deprecated
+	RemoteGwIDs                map[string]struct{}                   `json:"remote_gw_ids"`          // deprecated
+	AuthType                   AuthType                              `json:"auth_type"`
+	UserGroups                 map[UserGroupID]struct{}              `json:"user_group_ids"`
+	PlatformRoleID             UserRoleID                            `json:"platform_role_id"`
+	NetworkRoles               map[NetworkID]map[UserRoleID]struct{} `json:"network_roles"`
+	LastLoginTime              time.Time                             `json:"last_login_time"`
 }
 
 type ReturnUserWithRolesAndGroups struct {
diff --git a/pro/auth/azure-ad.go b/pro/auth/azure-ad.go
index fbe588ad..7aa34953 100644
--- a/pro/auth/azure-ad.go
+++ b/pro/auth/azure-ad.go
@@ -85,7 +85,7 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
 		_, err := logic.GetUser(content.Email)
 		if err != nil {
 			user.UserName = content.Email
-			user.ExternalProviderID = content.UserPrincipalName
+			user.ExternalIdentityProviderID = content.UserPrincipalName
 			database.DeleteRecord(database.USERS_TABLE_NAME, content.UserPrincipalName)
 			d, _ := json.Marshal(user)
 			database.Insert(user.UserName, string(d), database.USERS_TABLE_NAME)
@@ -101,7 +101,7 @@ func handleAzureCallback(w http.ResponseWriter, r *http.Request) {
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 					return
 				}
-				user.ExternalProviderID = content.UserPrincipalName
+				user.ExternalIdentityProviderID = content.UserPrincipalName
 				if err = logic.CreateUser(&user); err != nil {
 					handleSomethingWentWrong(w)
 					return
diff --git a/pro/auth/github.go b/pro/auth/github.go
index 1cb52cf9..5d2db594 100644
--- a/pro/auth/github.go
+++ b/pro/auth/github.go
@@ -86,7 +86,7 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
 		_, err := logic.GetUser(content.Email)
 		if err != nil {
 			user.UserName = content.Email
-			user.ExternalProviderID = content.Login
+			user.ExternalIdentityProviderID = content.Login
 			database.DeleteRecord(database.USERS_TABLE_NAME, content.Login)
 			d, _ := json.Marshal(user)
 			database.Insert(user.UserName, string(d), database.USERS_TABLE_NAME)
@@ -103,7 +103,7 @@ func handleGithubCallback(w http.ResponseWriter, r *http.Request) {
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 					return
 				}
-				user.ExternalProviderID = content.Login
+				user.ExternalIdentityProviderID = content.Login
 				if err = logic.CreateUser(&user); err != nil {
 					handleSomethingWentWrong(w)
 					return
diff --git a/pro/auth/google.go b/pro/auth/google.go
index 94db3a7c..9ba9772c 100644
--- a/pro/auth/google.go
+++ b/pro/auth/google.go
@@ -90,7 +90,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 					return
 				}
-
+				user.ExternalIdentityProviderID = content.Email
 				if err = logic.CreateUser(&user); err != nil {
 					handleSomethingWentWrong(w)
 					return
diff --git a/pro/auth/oidc.go b/pro/auth/oidc.go
index 72dc2b95..2fc71f66 100644
--- a/pro/auth/oidc.go
+++ b/pro/auth/oidc.go
@@ -80,10 +80,9 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
 		handleOauthNotConfigured(w)
 		return
 	}
-
 	var inviteExists bool
 	// check if invite exists for User
-	in, err := logic.GetUserInvite(content.Login)
+	in, err := logic.GetUserInvite(content.Email)
 	if err == nil {
 		inviteExists = true
 	}
@@ -102,6 +101,7 @@ func handleOIDCCallback(w http.ResponseWriter, r *http.Request) {
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 					return
 				}
+				user.ExternalIdentityProviderID = content.Email
 				if err = logic.CreateUser(&user); err != nil {
 					handleSomethingWentWrong(w)
 					return