Create account with same email before email verified

Hi,
We want to achieve that user can create account(signup) with the same email, when the email is not verified.
Currently, I didn’t see document that can accomplish this setting. Is this possible?

Scenario:
User create account with email(xxx@mail.com), (no.1 signup)
(no.1 email send to User)
User didn’t go to email to verify,

User creates another account with the same email.(no.2 signup)
(no.2 email send to User)
User verify with no.2 email verification
User login with email, and the data is bind with second sign up.

Thanks,
Hancort

Hi Hancort,

This is not easily done. It (probably) is possible, but would require a lot of effort.

E-mails must be unique, you cannot have two account with the same e-mail. It doesn’t matter if they are verified or not.

This use case doesn’t make sense to me. What happens to the first account, especially after the first account verifies?

John

As @john.gateley said, the use case doesn’t make much sense.

Why would the user signup again and not just simply use the “Password forgotten” functionality to reset his password, in case he’s forgotten it.

Also, as soon as both accounts are verified, which one takes a higher priority? (You probably see the security issues with that.)

Why not just auto-delete non-verified accounts after a certain period of time? And make your application requiring email verification in the first place to actually proceed with using it.

Hi @mathiasconradt @john.gateley,

Thanks for the quick reply, sorry for the belated response.
The reason we want to check if this scenario is doable, there are a couple of reasons.

The main reason, our account provider just migrate from AWS cognito to auth0, and this is doable in AWS. Therefore, we need to change some UX design and signup flow. If possible, we will want to remain the same.

Some other reason is based on some corner case, such as user email and username have been registered by Malicious. In this case, we will implement auto-delete in a certain period of time.

BTW, the case “both accounts are verified” are not possible in cognito. Once email could only be verified once.

Thanks,