I’m trying to understand if it is still possible to automatically link accounts that use the same email (email/pass, Google oAuth, etc.), and if so why it is or is not a good idea.
I want to allow “team invites” on my service which would be be done via email. But this complicates things if multiple users have the same email. So to prevent this I want to keep emails unique.
I’ve seen that automatic account linking has been removed from the Rules because it allows for “account hijacking”. In that case, I want to just prevent users from creating accounts that use existing emails and tell them to use manual linking instead. But I can’t figure out how to prevent the sign up, let alone notify them to link accounts instead.
Is there a way to accomplish what I want?