Best practice for changing email for linked accounts?

I would like to understand best practice for changing the email of an email-password account that is also linked to a social login (eg. Google login).

Are the basic steps:

  1. Unlink the account with unlink user account endpoint
  2. Delete the Google login with delete account endpoint
  3. Change email of the email-password acount with update user endpoint

Can someone confirm I am thinking about this correctly?

Thank you.

Hi @ton

Just PATCH the user to update their email address.

However, this requires a secure protocol to make sure you don’t allow account takeovers.

No need to link/unlink etc.

John

1 Like