After deleting and re-registering, a Gmail/Facebook authenticated user gets the same authId as before

I don’t know if it’s intended, but shouldn’t every new account get a unique AuthId? When I delete a user that has authenticated via Gmail or Facebook using the Management API and after that re-register the user, I see that it has the same authId as before.

I use the authId to match the logged-in user to the data in my database. I have no problems with the Username-Password-Authentication.

Thanks for reading!

Hi Abdurrahman,

Welcome to the Auth0 community.

When you say AuthId, I’m assuming you’re referring to the user_id as it appears against the user profile. For example, with Google this might be something like google-oauth2|11322669123418885764 (not an actual account).

When it comes to social user accounts, the user_id is part of the Identity Provider Attributes, i.e. it contains info retrieved from the identity provider with which the user originally authenticates, so it isn’t something that Auth0 assigns. This would make sense, then, if the user_id is the same every time for a particular social user: even if the user is deleted in Auth0, re-instating the account would prompt Google to send the same id, as it is the same user from Google’s perspective.

You can read more about this here: https://auth0.com/docs/users/user-profiles/user-profile-structure

I hope this makes sense.
Please let me know if you have any further questions on this. Many thanks.

2 Likes
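
An added example, not part of the original posts and not Auth0 code: a sketch of an application-side table keyed by user_id, showing that a re-registered social user matches the old row again unless the application removes that row when the user is deleted. The class, method and function names are hypothetical; the sample user_id is the one quoted in the answer above.

```python
import uuid


def split_user_id(user_id):
    """Split 'provider|id' at the first '|' (format shown in the answer above)."""
    provider, sep, subject = user_id.partition("|")
    if not (sep and provider and subject):
        raise ValueError(f"unexpected user_id format: {user_id!r}")
    return provider, subject


class LocalAccounts:
    """Hypothetical application table keyed by the Auth0 user_id."""

    def __init__(self):
        self._rows = {}  # user_id -> {"internal_id": str, "data": dict}

    def on_login(self, user_id):
        """Return the row for this user_id, creating it on first login."""
        split_user_id(user_id)  # reject malformed ids before using them as keys
        if user_id not in self._rows:
            self._rows[user_id] = {"internal_id": str(uuid.uuid4()), "data": {}}
        return self._rows[user_id]

    def on_user_deleted(self, user_id):
        """Drop the local row; call this whenever the Auth0 user is deleted."""
        return self._rows.pop(user_id, None) is not None


def reregister(purge_on_delete):
    """Simulate login, deletion in Auth0, then re-registration with the same social account."""
    uid = "google-oauth2|11322669123418885764"  # sample id from the answer, not a real account
    store = LocalAccounts()
    first = store.on_login(uid)
    first["data"]["notes"] = "belongs to the first registration"
    first_internal_id = first["internal_id"]
    if purge_on_delete:
        store.on_user_deleted(uid)
    second = store.on_login(uid)  # the provider sends the same id again
    return first_internal_id == second["internal_id"], second["data"]


if __name__ == "__main__":
    print(reregister(purge_on_delete=False))  # old row is matched again
    print(reregister(purge_on_delete=True))   # fresh row after the purge
```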