Description: Description: Currently auth0 actions are not supporting account linking, leaving us basically with 2 options:
a) to use account linking extension (Account Link Extension) that depends on deprecated feature - rules
b) develop separate flow (user-initiated) for account linking after user is logged in with not-linked account
Use-case: Assume we are providing our users with multiple login options (email/social). We want to prevent duplicated accounts, the experience should be seamless (without unnecessary redirects required in a workaround - user-initiated flow) and well supported (cannot use features that will be deprecated in following months).
This should be part of universal login. What the point of using Auth0 if we have to re-invent the wheel for everything? Dear Auth0, please act or post a solution here, thanks!
It is possible to link accounts via actions with some limitations it seems.
I used the management API to link 2 accounts from the Post-Login action and it seems to be working fine. The caveat is that it must link to the account being authenticated (the most recent) otherwise the account would no longer exist after linking. For me this causes the user to be redirected to the login page and although the login would work on the second time, it’s not really good experience.
As an improvement, data from the older account can be copied to the new account (logs, login_count, etc. will still be lost though but that’s acceptable for out use case).
An updates on this? This is a crucial feature for us as account linking is a built in functionality of our current authentication flow for millions of users.
I am surprised there’s no mention of the Account Link Extension being deprecated on its page or that User Account Linking still suggests to use it. That is so misleading.
Previously, Auth0 has provided and maintained code within rules, which allows us to install the script, and account linking is provided. (Docs at Account Link Extension )
With rules being deprecated, there has been no migration path provided for this functionality and at present, it appears we are either going to lose it or be required to write our own code.
Could I please request that auth0 maintain this functionality they previously provided as a standard universal login feature or within their new actions marketplace?
A lack of a migration path is preventing us from switching over to actions here.
Dear Auth0 - like many before me said, we need a solution and please not one with redirects like mentioned in this help page.
You say that email is not safe enough to make sure this is not a fraud user - why ? if the authentication provider (be it social / saml/ your db) say this user was authenticated , then what’s the issue to just merge it ?
have a feeling you came up to really complicated flow with no reason at all.
Dan Woda is no longer with Okta/Auth0. There are many issues in this forum, it is difficult for engineers to notice all of them. With a paid subscription support is available, so if it is a deal-breaker for your production environment I would suggest opening a support ticket.
We also filed a support ticket and were directed to help pages that recommended using the existing Account Link Extension or creating our own home-grown solution including custom UI. I also hope they come up with a better solution for customers.
I am now looking into this myself and it is a confusing situation as the official docs still suggest using the Account Link Extension, which people say here is based on the depreciated Rules functionality.
We used to use the linkUsersByEmail rule which was easy and simple. Is there a simple replacement?
