Auth0 Home Blog Docs

Link Accounts with Same Email Address, Problem case

auth0
rules
login
linking-account

#1

Link Accounts with Same Email Address


I incorporate email address & password authentication and Google, Facebook authentication into mobile applications.

Since I want users with the same mail address to be the same account, I set Rules of “Link Accounts with Same Email Address”.

However, there are cases where a problem occurs in the authentication flow.

Case

  1. The user launches the application and authenticates with Google.

  2. The user used the application.
    Next, the user authenticated with the mail address.

  3. Two user data with the same mail address are generated for Auth 0.
    This is because the user has not verified the mail address yet.

  4. The user verified the e-mail address.

  5. Suppose you have done one of the two following methods.
    5-1. The user logs in using the mail address.
    → The user data when Google authentication is authenticated is merged with the user data generated by mail address authentication.

    5-2. The user logs in with Google authentication.
    → The user data generated by mail authentication is authenticated is merged with the user data generated by Google authentication.


I have developed my own server side application, and it saves the data based on the user ID of Auth0.

So I think that it is inconvenient for one user to disappear.
This is not a problem of Auth 0 but I think it is an issue on the authentication flow.

Is there a suitable implementation design for my issue?