As Data Platform Principal Engineer
I want to use emails as Kafka usernames when OAuth authentication is configured
so that I can use Databricks as SSO provider to reduce the amount of credentials that I need to manage and share with each user. This also improves security, because it automatically disable the access when someone leaves the company.

In particular, when I am using a Databricks Service Principal for the authentication, it works as expected. The Databricks Service Principal is identified by an unique UUID. To make it working I have added a Kafka service user with that UUID as a name and the I have added ACLs on it.
I can't do the same for Databricks users because they are identified by emails.
The problem is that I can't create Aiven Kafka service users with a @ character.

This is a big limitation for my company because it doesn't allow us to use the full power of the OAuth Bearer Token on our Kafka clusters and reduces the integration between the my Data Platform and Aiven Kafka.