From f00a997167fd4755673ec3559cf059b19d1b3930 Mon Sep 17 00:00:00 2001
From: Pedro Maia Costa <550684+pnmcosta@users.noreply.github.com>
Date: Fri, 21 Feb 2025 14:17:42 +0000
Subject: [PATCH] [management] fix grpc new account (#3361)

---
 management/server/grpcserver.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/management/server/grpcserver.go b/management/server/grpcserver.go
index 9d1bc1deb..3d170afa4 100644
--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@@ -276,11 +276,16 @@ func (s *GRPCServer) validateToken(ctx context.Context, jwtToken string) (string
 	}
 
 	// we need to call this method because if user is new, we will automatically add it to existing or create a new account
-	_, _, err = s.accountManager.GetAccountIDFromUserAuth(ctx, userAuth)
+	accountId, _, err := s.accountManager.GetAccountIDFromUserAuth(ctx, userAuth)
 	if err != nil {
 		return "", status.Errorf(codes.Internal, "unable to fetch account with claims, err: %v", err)
 	}
 
+	if userAuth.AccountId != accountId {
+		log.WithContext(ctx).Debugf("gRPC server sets accountId from ensure, before %s, now %s", userAuth.AccountId, accountId)
+		userAuth.AccountId = accountId
+	}
+
 	userAuth, err = s.authManager.EnsureUserAccessByJWTGroups(ctx, userAuth, token)
 	if err != nil {
 		return "", status.Error(codes.PermissionDenied, err.Error())