Find the Correct Linked User

rueben.tiow · March 2, 2024, 12:53am

Problem statement

There is a requirement to link two users associated with the same connection as a secondary account to another connection. For further information, refer to User Account Linking.

However, when the user attempts to log in from one of the linked secondary accounts, it is not possible to identify which instance of that user is logging in during the execution of Rules or Actions.

Explain how Rules or Actions can identify which instance of a linked user account is associated with the current login flow.

Steps to reproduce

In summary:

Link more than one account from a connection
Log in with one of those accounts
The instance of that user’s linked identity cannot be clearly determined from within Rules or Actions

Cause

During the execution of Rules or Actions, it is possible to determine the active connection. However, the linked secondary identity cannot be ascertained. This is a current limitation of the product.

Solution

Current Limitations

The ideal solution is to have the currently logged-in user’s identity linked as a secondary account in the Rules and/or Actions.

Actions Limitations

At this moment in time, Actions has the following limitations about Account Linking:

primary_user_id is limited to 128 characters
setPrimaryUser can be called once per transaction
Any userMetadata set in the same Action as setPrimaryUser is discarded and will be lost. Subsequent Actions within the same transaction will retain userMetadata on the new primary user.
setPrimaryUser can not be used in the same transaction where a Rule sets context.primaryUser.

For further information, refer to Actions - Limitations

Login Flow of Actions

The Login Flow of Actions currently only permits changing the Primary user for the login transactions. This is achieved through an API call to api.authentication.setPrimaryUser(primary_user_id)
For further information, refer to Actions Triggers - post-login API Object

Request the feature

At the time of this writing ( February 2024), there is no solution to determining the linked secondary identity. Customers who would like to see this feature in a future release of Auth0 are encouraged to submit a feature request via our Customer Feedback page. This will help our Product team to determine priorities for future releases.

Topic		Replies	Views
Account Linking in Actions - How to Keep the User Logged In Loading Knowledge Articles actions , account_linking	1	338	March 26, 2024
Migrate Rules to Action - context.primaryUser Help missing-category , other	6	358	May 6, 2024
Account linking issues Help extensibility , actions-extensibility	6	1428	October 11, 2023
Link accounts in post-login action. Will next handler see the change? Help user-management , account-linking	4	733	December 19, 2023
Account Linking Using Post-Login Actions Knowledge Articles account-linking , actions , post-login-action	1	3871	September 7, 2022