Current URL scheme of the user servers is:
/user/:username[/:servername]
(JupyterHub URL scheme — JupyterHub documentation)
Username can be an email, so a real-life example could be:
/user/my_email@org.org/lab
The above structure is very nice for administration, but is unfortunately defined as an OWASP vulnerability (sensitive information exposure via URL):
Is it possible to encrypt the username via Proxy or other configuration on the jupyterhub helm charts?
Which authenticator are you using? There is a normalize_username method in the authenticator that you can overload to create a map between user email and username.
OKTA and Azure.
Am aware of that option, however - I would like to keep the email on the database.
I don't think JupyterHub DB supports storing username and user email. What is your use case? Why would you need user’s email in JupyterHub’s DB?
Primarily - better contact with the user (user sends complaint with his email that server is not working and we can find his server and debug).
Found one solution which is very intrusive:
- Overriding the escaped_name property of User model jupyterhub/jupyterhub/user.py at 2a8949532399813df4b4eb93847181d74fbd7050 · jupyterhub/jupyterhub · GitHub so all the references on handlers redirections would guide to the “pseudonym”.
- Extended BaseHandler jupyterhub/jupyterhub/handlers/base.py at 2a8949532399813df4b4eb93847181d74fbd7050 · jupyterhub/jupyterhub · GitHub with a metaclass which adds a wrapper on all get, post, patch methods to convert pseudonym to real username so it can be found on the DB.
Am investigating the possibility to use username mapping (modified version so we don't need to create a map each time). Still probably need to rewrite /users api response a bit so we can view needed information on the admin view.
P.S. We also have custom services that do rely on the user email.
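
One way to do the username mapping discussed above without keeping a map, as an added example that is not part of the thread or of JupyterHub's code: a keyed, deterministic pseudonym returned from a `normalize_username` override, so the URL carries no email and support can still recompute the pseudonym from the email in a complaint. Only `normalize_username` is JupyterHub's name; `pseudonymize`, `PseudonymousUsernameMixin`, `pseudonym_key` and `find_server_path` are hypothetical, and the key is assumed to come from a secret.

```python
import hashlib
import hmac
import re

# Shape of the pseudonyms produced below (hypothetical format).
_PSEUDONYM_RE = re.compile(r"^u-[0-9a-f]{20}$")


def pseudonymize(email: str, key: bytes) -> str:
    """Map an email to a stable pseudonym using HMAC-SHA256.

    Keyed, so the mapping cannot be rebuilt from a list of known emails
    without the key. Truncated to 80 bits to keep the URL short.
    """
    if not key:
        raise ValueError("pseudonym key must not be empty")
    if _PSEUDONYM_RE.match(email):
        # Already a pseudonym: keep the mapping idempotent in case the
        # normalization hook is applied to a stored username again.
        return email
    canonical = email.strip().lower()
    digest = hmac.new(key, canonical.encode("utf-8"), hashlib.sha256)
    return "u-" + digest.hexdigest()[:20]


class PseudonymousUsernameMixin:
    """Mix into the Authenticator subclass in use (assumption: it is
    listed before the authenticator class in the bases)."""

    pseudonym_key = b""  # assumption: loaded from a secret, never hard-coded

    def normalize_username(self, username):
        return pseudonymize(username, self.pseudonym_key)


def find_server_path(reported_email: str, key: bytes, servername: str = "") -> str:
    """Support-side lookup: email from a complaint -> /user/:username[/:servername]."""
    path = "/user/" + pseudonymize(reported_email, key)
    return path + "/" + servername if servername else path


if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # constructed sample value
    print(find_server_path("my_email@org.org", demo_key))
```

Rotating the key changes every pseudonym, so existing users would appear as new accounts; services that need the real email have to obtain it from somewhere other than the username.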