diff --git a/src/Configuration/OAuth2Configuration.php b/src/Configuration/OAuth2Configuration.php
index 1a08383..7fca5a4 100644
--- a/src/Configuration/OAuth2Configuration.php
+++ b/src/Configuration/OAuth2Configuration.php
@@ -10,12 +10,14 @@
 final class OAuth2Configuration
 {
 public const SSO_USER_ID_PLACEHOLDER_URL = '{userId}';
+ public const SSO_USER_EMAIL_PLACEHOLDER_URL = '{email}';
 public function __construct(
 private readonly string $ssoAccessTokenUrl,
 private readonly string $ssoAuthorizeUrl,
 private readonly string $ssoRedirectUrl,
 private readonly string $ssoUserInfoUrl,
+ private readonly string $ssoUserInfoByEmailUrl,
 /** @var class-string */
 private readonly string $ssoUserInfoClass,
 private readonly string $ssoClientId,
@@ -48,6 +50,11 @@ public function getSsoUserInfoUrl(?string $userId): string
 return str_replace(self::SSO_USER_ID_PLACEHOLDER_URL, $userId, $this->ssoUserInfoUrl);
 }
+ public function getSsoUserInfoByEmailUrl(string $email): string
+ {
+ return str_replace(self::SSO_USER_EMAIL_PLACEHOLDER_URL, urlencode($email), $this->ssoUserInfoByEmailUrl);
+ }
+
 /**
 * @return class-string
 */
diff --git a/src/DependencyInjection/AnzuSystemsAuthExtension.php b/src/DependencyInjection/AnzuSystemsAuthExtension.php
index 55d147c..5bd8bca 100644
--- a/src/DependencyInjection/AnzuSystemsAuthExtension.php
+++ b/src/DependencyInjection/AnzuSystemsAuthExtension.php
@@ -95,6 +95,7 @@ public function load(array $configs, ContainerBuilder $container): void
 ->setArgument('$ssoAuthorizeUrl', $oauth2Section['authorize_url'])
 ->setArgument('$ssoRedirectUrl', $oauth2Section['redirect_url'])
 ->setArgument('$ssoUserInfoUrl', $oauth2Section['user_info_url'])
+ ->setArgument('$ssoUserInfoByEmailUrl', $oauth2Section['user_info_by_email_url'])
 ->setArgument('$ssoUserInfoClass', $oauth2Section['user_info_class'])
 ->setArgument('$ssoClientId', $oauth2Section['client_id'])
 ->setArgument('$ssoClientSecret', $oauth2Section['client_secret'])
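Review bot: `urlencode()` in `getSsoUserInfoByEmailUrl()` applies form encoding (a space becomes `+`), which is only correct when `{email}` sits in the query string; the URL template is operator-supplied and may put the placeholder in a path segment, so `rawurlencode($email)` is the safer choice for either position. The encoding is also what stops `/`, `?`, `#` and `&` in the address from changing the request target, and a short comment would keep a later edit from dropping it, e.g. `// Encode: the email is caller-supplied and must not alter the path or query of the SSO URL.` The context line above shows `getSsoUserInfoUrl()` substituting `$userId` with no encoding at all; that is outside this change but worth aligning.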
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
index 0dd4757..509d535 100644
--- a/src/DependencyInjection/Configuration.php
+++ b/src/DependencyInjection/Configuration.php
@@ -137,6 +137,13 @@ private function addOAuth2AuthorizationSection(): NodeDefinition
 OAuth2Configuration::SSO_USER_ID_PLACEHOLDER_URL,
 ))
 ->end()
+ ->scalarNode('user_info_by_email_url')
+ ->defaultValue('')
+ ->info(sprintf(
+ 'You can use placeholder "%s", which will be replaced with user email.',
+ OAuth2Configuration::SSO_USER_ID_PLACEHOLDER_URL,
+ ))
+ ->end()
 ->scalarNode('access_token_cache')
 ->cannotBeEmpty()
 ->defaultValue('cache.app')
diff --git a/src/HttpClient/OAuth2HttpClient.php b/src/HttpClient/OAuth2HttpClient.php
index 6cc3604..f16e0b4 100644
--- a/src/HttpClient/OAuth2HttpClient.php
+++ b/src/HttpClient/OAuth2HttpClient.php
@@ -70,6 +70,25 @@ public function getSsoUserInfo(?string $id = null): SsoUserDto
 }
 }
+ public function getSsoUserInfoByEmail(string $email): SsoUserDto
+ {
+ try {
+ $response = $this->client->request(
+ method: Request::METHOD_GET,
+ url: $this->configuration->getSsoUserInfoByEmailUrl($email),
+ options: [
+ 'auth_bearer' => $this->requestAccessTokenForClientService()->getAccessToken(),
+ ]
+ );
+
+ return $this->serializer->deserialize($response->getContent(), $this->configuration->getSsoUserInfoClass());
+ } catch (ExceptionInterface $exception) {
+ throw UnsuccessfulUserInfoRequestException::create('User info request failed!', $exception);
+ } catch (SerializerException $exception) {
+ throw UnsuccessfulUserInfoRequestException::create('User info response deserialization failed!', $exception);
+ }
+ }
+
 /**
 * @throws UnsuccessfulAccessTokenRequestException
 *
diff --git a/tests/DependencyInjection/AnzuSystemsAuthExtensionTest.php b/tests/DependencyInjection/AnzuSystemsAuthExtensionTest.php
index f6fc1ea..9bab4c7 100644
--- a/tests/DependencyInjection/AnzuSystemsAuthExtensionTest.php
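Review bot: The help text for `user_info_by_email_url` names the wrong placeholder: `sprintf()` is passed `OAuth2Configuration::SSO_USER_ID_PLACEHOLDER_URL`, so the generated configuration reference tells operators to use `{userId}`, while `getSsoUserInfoByEmailUrl()` only substitutes `{email}`. A URL written from that hint would be requested with the literal placeholder still in it and no address at all. Pass `OAuth2Configuration::SSO_USER_EMAIL_PLACEHOLDER_URL,` instead. addOAuth2AuthorizationSection() starts and ends outside the hunk.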
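Review bot: `getSsoUserInfoByEmail()` does not handle an unset endpoint: `user_info_by_email_url` defaults to `''`, so the URL template comes back empty and `request()` is called with it, leaving the caller with only the generic 'User info request failed!' (assuming the HTTP client reports this as an `ExceptionInterface`). Resolving the URL before the `try` with `$url = $this->configuration->getSsoUserInfoByEmailUrl($email);` and adding `if ('' === $url) { throw new \LogicException('user_info_by_email_url is not configured.'); }` would make the misconfiguration explicit. The method also has no docblock; it should carry `@throws UnsuccessfulUserInfoRequestException` and state that the lookup is authorised by the client-service token rather than by the end user, so callers must not forward unauthenticated input to it, since the response can reveal whether an address is registered.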
+++ b/tests/DependencyInjection/AnzuSystemsAuthExtensionTest.php
@@ -146,6 +146,7 @@ private function getFullConfig(): array
 user_repository_service_id: App\Repository\UserRepository
 authorize_url: 'https://example.com/authorize-url'
 user_info_url: 'https://example.com/user-info-url'
+ user_info_by_email_url: 'https://example.com/user-info-by-email-url'
 state_token_salt: 'qux-quux'
 access_token_url: 'https://example.com/access-token-url'
 redirect_url: 'https://example.com/redirect-url'
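Review bot: The fixture URL for `user_info_by_email_url` contains no `{email}` placeholder, and nothing visible in this hunk asserts that the value reaches `OAuth2Configuration`, so the substitution and encoding added by this change appear to be untested. A unit test of `getSsoUserInfoByEmailUrl()` using a template with `{email}` and a constructed address such as `a+b/c@example.com` would pin the encoded output, and a second case without the option set would cover the empty default. getFullConfig() starts and ends outside the hunk.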