Hi @Riftsan , I’ve been drafting this reply as and when I’ve had a spare moment, sorry for the wait:
1.) Passwordless accounts will have a profile stored in your Auth0 tenant once the user has logged in once successfully, and should be marked as verified automatically as they would have proven they have access to the email / phone number by the act of logging in successfully.
Otherwise, they are the same as database connection users except for their method of authentication, and can be found in the Users section of your tenant dashboard like any other connection type.
2.) A database connection will not allow a user to sign up with the same email address, and a passwordless connection would treat anyone who can prove they are in possession of a given email account / phone number by sending back the right OTP code as the user assigned to said email/phone number, so it should not be possible for any duplicates to be created. However, you cannot control users using multiple emails or phone numbers to create new accounts (accidentally or intentionally), and would have to link these accounts if needed:
Please note though that if you were to start using both Database and Passwordless connections, they are treated as completely separate identities, so a user could have 2 accounts for the same email address for example split across the 2 connections.
3.) Unless you are creating these users via the Management API, passwordless users who complete a login will have an account created only after the login, and will be marked as verified. If you are creating users ahead of time, then they will need to login in once successfully to be marked as verified.
4.) I don’t think this would provide any benefit over just using a passwordless connection, unless you wanted to at some point make the users start using a password to log in. But I may have misunderstood your need for this second Database connection based account.