Hi @Andrea,
This will be more tricky to implement as a user is not expected to use the function internal returned id for any user logic.
The idea of a custom function auth is that you implement your logic to your external 3rd party application provider and return a value that maps with a Realm User internally, the example in the docs is simple just for the idea presentation.
But for the sake of my point, since your logic provide a unique username and will always retrieve same realm user_id you should treat it as the user id. If you wish to store some additional information in that collection index the username field and query it through user name.
Now to implement collection rules you can still provide a filter based on user_id of realm.
If you wish to still retrieve this ID anyway you need to consider save it in custom user data or have a webhook to get it after the login from the collection.
Best
Pavel