diff --git a/src/backend/core/external_api/viewsets.py b/src/backend/core/external_api/viewsets.py
index 2c663902..50d59f99 100644
--- a/src/backend/core/external_api/viewsets.py
+++ b/src/backend/core/external_api/viewsets.py
@@ -98,6 +98,7 @@ class ApplicationViewSet(viewsets.GenericViewSet):
             if (
                 settings.APPLICATION_ALLOW_USER_CREATION
                 and settings.OIDC_FALLBACK_TO_EMAIL_FOR_IDENTIFICATION
+                and not settings.OIDC_USER_SUB_FIELD_IMMUTABLE
             ):
                 # Create a pending user without sub, but with an email.
                 user = models.User(
diff --git a/src/backend/meet/settings.py b/src/backend/meet/settings.py
index bf9bbdba..0bc32cde 100755
--- a/src/backend/meet/settings.py
+++ b/src/backend/meet/settings.py
@@ -406,6 +406,10 @@ class Base(Configuration):
         default=False,
         environ_name="OIDC_FALLBACK_TO_EMAIL_FOR_IDENTIFICATION",
     )
+    OIDC_USER_SUB_FIELD_IMMUTABLE = values.BooleanValue(
+        default=True,
+        environ_name="OIDC_USER_SUB_FIELD_IMMUTABLE",
+    )
     OIDC_TIMEOUT = values.IntegerValue(
         5, environ_name="OIDC_TIMEOUT", environ_prefix=None
     )