Definitely save the email in your database — even if it’s a private relay address. Also, send a welcome email right after signup, so users can see which email was used and ideally encourage them to update it to a regular one or add an alternative login method (like passwordless email sign-in or OAuth).

If we were starting over, we’d make that update flow more prominent from day one. Apple’s “Hide My Email” sounds harmless until it silently breaks everything later.

Not OP, but customer identity is a component of my work. Ask users for a recovery email and/or phone number to bootstrap identity if sign in with goes sideways.