I’m using Auth0 with a React SPA to authenticate my API. My scenario is that I’m only allowing social logins like Google and Facebook and no database authentication is allowed. In this case, if a user signs in for the first time, and the React app makes an API call with his/her access token how am I to detect that the user is a first time visitor and get his/her info from
/userinfo endpoint and create a new entry for user in my DB?
Currently, the way I’m checking thid on my API calls is - I’m extracting
sub field from the access token and using it as a unique user ID on my DB. If i get existing data, I assume that the user is a repeat user, otherwise I’m creating a new profile by querying
/userinfo endpoint first and getting more data on user.
However, doing this on each and every API call is inefficient as it incurs one extra DB call everytime.