Add multiple email addresses to the same user

Is there any way to add multiple email addresses to the same user?

I assume this could be done via account linking.

We’re using WordPress. Is there any way to do it from the auth0 dashboard, or do we have to implement a custom feature on our webapp to allow users to link their 2 accounts?

Thanks!

Hi @simon.stekler

You can link via the mgmt API. But be very careful with this, if you link a valid account with an attacker’s account, the attacker will have full access to the valid account.

The question is why? What’s the use case? Email is fundamental to identity so adding identities is very complex and should be evaluated thoroughly for security issues.

John

1 Like

Hi @john.gateley hn,

Thanks for the response.

I understand this is usually an inherently bad idea - some employees would like to be able to log into our company app with their company OR personal email address.

I think we scratched the idea though - you are right!

1 Like

What endpoint in the mgmt API allows this?

Sorry, that didn’t come across very clear. That link goes to the endpoint, not the overall doc page.

There’s plenty of reasons for this, and tying identity too closely to email isn’t a great idea, as they are not the same thing.

Take, for example, a consultant who works at multiple client sites; some choose to use the consultancy email address, some choose to assign them a client-specific address. They are still the same person, and should only have to identify themselves once whilst allowing for different contexts for that identity.

An alternative example is custom domains for emails, and now throw-away emails. One user may have many or even all addresses at a domain; perhaps again using them to split context, not ID.

I would want to be able to enable that one user to verify all their email addresses as theirs (just like a home and office postal address). This would be especially useful in using Auth0 when allowing tenants to automatically approve emails from certain domains (e.g. client domains) without users having to split their personality and create two identities.

Hi @elliot_lgm

Welcome to the Auth0 Community!

I highly encourage you to file a feature request for that using our Feedback category here:

Feedback

Submit and vote on product feedback and feature requests.

Thank you!

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.