Account linking with Auth0 actions

I have a user with verified e-mail abc@domain123.com in my application, logged in with passwordless. We are now enabling SSO for domain123, and I would like a seamless experience when abc@domain123.com signs in with SSO the first time (in other words, I don’t want to present the user with any account-linking GUI. It should “just” work). I’m aware that there are some potential security vulnerabilities when doing seamless account linking, but in this specific scenario it’s ok.

I have been in contact with Auth0 support where we discussed doing this in a rule, and I’m about to start implementing that. But then I log-in to auth0 and discover we now have something called actions :mega:.

Rules, hooks and actions :sweat_smile:

So in other words, is account-linking something I should accomplish using an action instead? And in case the answer is yes, what flow should I pick? Would love some general feedback on this one :relaxed:

update
I now have a working action that does the account linking. Works pretty good, so I will recommended using an action. Because of some logging limitations in auth0 custom actions, I have decided to move the actual code to a server-function we host, and then let the action call this endpoint.

If requested, I can add specific code snippets, but the most important part is to use the mgmt API to link the users, and then return the “new” primary user like this:

event.user = primaryUserAfterAccountLink;
return {
  user: primaryUserAfterAccountLink
}

cheers :beers:

1 Like

Thank you for sharing your solution with the Community @alexab!

Quoting your solution here for others to see! :slight_smile: :