When a person's account is created through a SCM change, it's essentially a dummy user that gets auto-populated without any details.
There would need to be an API method for the SCM to request sync of a user from the Security Realm. Currently, as there are lots of cases where the SCM user may not have anything even closely resembling a login id for the security realm.