Right now the signup form uses the users API to check username availability; this does not allow username control extensions to influence the process so the user might not get any warning about an invalid username until after posting the form. It also does not support a "this is how the username will actually look like" response (e.g. automatic sentence casing). There should be an API (a new one or a part of createaccount) which does this via AuthManager.
- Mentioned In
- T147024: Striker should respect TitleBlacklist bans on new account names
T110747: Rewrite the account creation API to use AuthManager
- Mentioned Here
- T110282: Update extensions which are deployed on the Wikimedia cluster to use AuthManager
T111303: Create password verification API with AuthManager
This is resolved now with the introduction of AuthManager, and specifically the addition of usprop=cancreate to API action=query&list=users.
There's no timeframe for when this will be available on WMF wikis, though, beyond "soon". The next step will be to resolve T110282, then a gradual deploy while watching for things to break.
Note that this API does not work well with extensions which have not been updated to support AuthManager, since the old interface does not have a separate concept of "can an account with this name be created" and "can an account with this name be created, given the contents of the account creation POST request" (so e.g. ConfirmEdit would block all usernames since it would be looking for the captcha solution in the API request).