Auth0 user with added Salesforce OAuth

Hi, I’m wondering why this very common scenario is not in the docs (from what I can find).

Here’s what I want to have happen:

  1. User gets created through the Management API from our server backend
  2. User receives an “invite” or reset password link so that they can set a password of choice
  3. User logs in and is then redirected to our app.

All of the above works fine. Now this user can activate a CRM integration of choice. Let’s say that the user selects Salesforce. Here’s what I want to have happen:

  1. User clicks a link in the app which then redirects to some “Add-salesforce-authentication-to-my-user” flow in Auth0
  2. Our Auth0 account is set up with private key and secret for Salesforce OAuth to our app
  3. User is redirected to Salesforce, and logs in and accepts the OAuth2 permission requests
  4. User is redirected back to Auth0 and the token and refresh token are stored in the Auth0 user.
  5. Finally Auth0 redirects the user back to our application.

The above is the full example, but the essential use case is that you have an Auth0 user X, and then you should be able to append a social login to that same user.

If we add “Social connections” now, and the user tries to use that, then it creates a new unique Auth0 user which is not connected to the real user. This seems very backwards to me and I don’t understand what the purpose of having it like this by default would be?

If there are any docs for this or any examples anywhere, please direct me there.


Is this NOT a common use case? If so, what are people doing instead?

Following any user authentication tutorial online that adds OAuth2 will almost always have a local user to which the identities attach… so I don’t understand what is so different here.

I understand that from a signup perspective it is more complicated to know, but once you have an existing signed in user, why can’t we just attach the Salesforce identity to that user?