Auth0 Account Linking & Applications

rickredsix · September 23, 2023, 11:08pm

I am currently trying to create a login flow that goes like this:

User signs up with SMS passwordless OTP.
User then enters details such as email / address etc.
Check with auth0 API that email doesn’t currently exist, then add all details to user in external DB.
Prompt user to choose a password, then create a new auth0 user via the management API and link it to the current sms user, in theory allowing the user to login either way.

The issue I’m having is that while the sms user has the correct application authorized, the newly linked user does not (even if I create them using the same clientId etc.). Even though the new account is linked as secondary, it will not let me login to the application with the email / password method.

So my question is, is there anyway to achieve this flow? So allowing the user to login via passwordless SMS + email / password without them signing up twice.

dan.woda · September 27, 2023, 12:50pm

Hi @rickredsix,

Welcome to the Auth0 Community!

What is stopping the user from logging in with email/password, is it the Consent Dialogue box?

If so, you should be able to avoid it entirely on first party applications.

Hope this helps!

rickredsix · October 6, 2023, 12:29pm

Hi @dan.woda,

Sorry for the delay in responding. It wasn’t the consent dialogue box, that didn’t actually ever pop-up.

In the end, it was something that I misunderstood. I created a new Database Connection specifically for this purpose rather than using the Username-Password-Authentication one, and that was the problem. After switching the created email users to that connection, everything is fine.

Thanks,
Rick

dan.woda · October 6, 2023, 1:55pm

Thanks for the follow up!

system · October 20, 2023, 1:55pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.