I would like to invite a user using their google email. The invited user should be able to login
with their google email using google-oauth2 connection into our application
that uses auth0 authentication API. Since Auth0 API does not allow a user with
google-oauth2 connection to be created via its API. How can I be able to invite a user in our application
without redirecting them to the google social connection user sign up page?
similar use case here: can you have invite-only with social (and database) connections ?
similar use case here: can you have invite-only with social (and database) connections ?
With database connections it is possible to disable public signups which would mean only users that you would register be eligible to access the service because only those would have credentials accepted by the database connection.
With social connections the signup happens at the specific social provider associated with that connection; enabling a social connection means that any user with applicable social credentials can authenticate through that connection. Given you can’t disable signups at the social provider invite-only client applications that want to still let users authenticate using a social login cannot simply enable the connection.
If you want to allow social logins, but still control the specific end-users that can authenticate with a social login then you need to take additional steps. For example, you can implement a custom rule that fails social authentication attempts if the user identity is not associated with your notion of invited users; have in mind that this could be as simple as call to your system to check that the verified email of the social identity is listed in the list of invited users.