The Auth application should allow an external provider to be able to "lock" the username and real name attributes of a user when adding their account. This would prevent these from getting out of sync and thus maintaining a single username throughout all the systems used by a team.
This came up recently because I was writing some scripts that automate tasks and I noticed some usernames did not match the external account name. This plus the fact that you cannot query a users external accounts through the phabricator API made the script break on these users. I had to manually fix each user who was out of sync in MySQL.
This could also be fixed by exposing the external account information in the web API but I believe being able to enforce consistent usernames across the companies systems is more valuable.