Hi @guzeev,
If you soft delete a user, they should be able to log in to their account without signing up again. This is because their account has not been permanently deleted. Therefore, if they try to sign up, they will run into the “The user already exists” error for this scenario.
For this to work, you could use a post-login action instead to check the user_metadata.soft_delete field. If it’s true, you could redirect them to another page to see if they would like to recover their account. If it’s false, they can continue logging in as usual.
As for your second question, you can perform an HTTPS request to your backend in your Action. I suggest referring to this knowledge article for an example to make this request.
For storing secrets, you can include them in the Secrets section in your Action script. I recommend checking out this documentation on how to accomplish this.
Thanks,
Rueben