Hi, I’m wondering why this very common scenario is not in the docs (from what I can find)
Here’s what I want to have happen:
- User gets created through the management api from our server backend
- User receives an “invite” or reset password link so that they can set a password of choice
- User logs in and is then redirected to our app.
All of the above works fine. Now this user can activate a CRM integration of choice. let’s say that the user selects Salesforce. Here’s what I want to have happen:
- User clicks a link in the app which then redirects to some “Add-salesforce-authentication-to-my-user” flow in Auth0
- Our Auth0 account is setup with private key and secret for Salesforce OAuth to our app
- User is redirected to Salesforce, and logs in and accepts the OAuth2 permission requests
- User is redirected back to Auth0 and the token and refresh token is stored in the Auth0 user.
- Finally Auth0 redirects the user back to our application.
This above is the full example but the essential use case is that you have a Auth0 user X, and then you should be able to append a social login to that same user.
If we add “Social connections” now, and the user tries to use that, then it creates a new unique Auth0 user which is not connected to the real user. This seems very backwards to me and I don’t understand what the purpose of having it like this by default would be?
If there is any docs for this or any example anywhere please direct me there.