We have Auth0 configured to allow login with Google as a social connection. When people log in, they get a user_id in the form of google-oauth2|0011223344556677889900
.
Where does this value come from, or how is it generated? Even when they log into a different Auth0 tenant, they still get the same user_id… or so I thought.
Until today, I’ve noticed that users with the same gmail address always have exactly the same user_id values among different Auth0 tenants. But today I came across a case where one user had different user_id values for the same email address! I think it’s probably related to the fact that the user’s email address changed after the initial account was created, and then one of the Auth0 accounts was deleted and re-created.
Where can I find documentation about this value that lays out exactly what assumptions are safe to make, and under what circumstances the value might change?