Invariant user_id and changing google login

I’m implementing a new web service using auth0 to authenticate users. When the users log in, auth0 provides user_id. It’s my understanding that this user_id will be unique to that user. I will associate the user’s assets with that user_id, for ever. Whenever that user_id logs in, I give them the assets for their account.

The user_id can look like google-oauth2| for a google login, or auth0| for a username-password login.

It appears that if a user chooses username-password login, they can then change their password, email address, name, even gender, and still be given the same user_id when they log in. This is nice. It’s like opening a bank account, and changing your name, address, phone number, pin, but still having the same account and owning the same money.

But, if the user chooses to change google account used for the login, they are going to get a different user_id. I’ll need to provide some separate link, some separate administration, to connect a google-oauth2 (or any other provider) account to one of my user accounts.

Is this the way it’s meant to work? It seems rather unwieldy. Am I misunderstanding something here? Is there a standard solution to this problem?

Thanks!

1 Like

Hello :wave:

Thanks for the context and clearly-written question! :slight_smile: I’d like to clarify a few points before sharing any suggestions:

It’s my understanding that this user_id will be unique to that user.

That is mostly correct. The user_id is unique per connection.

But, if the user chooses to change google account used for the login, they are going to get a different user_id.

The user will not get a new user_id. Instead an entirely new user will be created for that connection.

i.e.: if a user logs-in with example@gmail.com using a DB connection and then logs-in with the Google Social Connection using the same email, they will be treated as separate accounts.

It sounds to me that you’re trying to treat a user with multiple accounts as a single entity (account). If that’s the case, you can take a look at our Account Linking Docs.

You can link accounts using the Management API: https://auth0.com/docs/api/management/v2#!/Users/post_identities

Alternatively, we have a rule which you can enable to automatically link accounts with the same email which you can enable via the Dashboard: https://github.com/auth0/rules/blob/master/rules/link-users-by-email.md

I hope that helps point you in the right direction and don’t hesitate to let me know if you have any further questions!

Yes, that looks exactly what I want!

Thanks very much!

1 Like

I’m struggling with the same thing, since there seems to be a missing abstraction for an account vs an identity. If a user signs up with Facebook, then decides to switch to, say, Google, account linking doesn’t entirely resolve the issue because one identity has to be the primary identity, and that determines the user_id that’s returned. So if the user wishes to disconnect their Facebook identity, then the Google identity becomes the primary and the user_id now changes from facebook|xxxxxxx to google|yyyyyyy. It’s crazy that there isn’t a fixed user_id that’s independent of the connection being used. Is there really no standard way to preserve the account identifier regardless of the connection being used?

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?