We are implementing custom login; if a user creates an account and then logins with a social account how do we recognize its the same user? Same question if the user first logins with a social account and they attempts to create a user profile. Can it be always detected and what are best practices to handle this?
Thank you
You can either link accounts automatically if they have the same email address using a rule: Auth0
or do this manually via the API see: https://auth0.com/docs/link-accounts
(it appears you will need a paid subscription to link account via the api)
Thanks for your help 
We have been doing some testing but it seems when a user logins through with facebook account from Auth0 the email address is not returned by the API…?
After the user logs in (authenticated), using the available token, you should make a call via the management API to get the user which will return the UserId. You can create a rule to add additional claims that will also get sent back, you can include other user properties and metadata via the rule.