Social login fails after account linking

Problem statement

We have a single-page app. A user signs up with passwordless on the app. A pre-user-registration flow action is triggered and creates a Username-Password-Authentication user as the primary identity, so that the user can set a password. A pipeline rule is triggered, linking the new email connection identity with the user created by the flow action above.

The user enters their OTP code to verify their email. The user goes to the app and is automatically logged in. We prompt the user for a new password and set it via the Management API. The user logs out, then tries to log in with Google Auth. Our pipeline rule links the google-oauth2 identity with the Username-Password-Authentication user.

The first login sends them back to the login screen (this is the issue we’re looking to resolve). All subsequent Google Auth logins work as expected.

Solution

To prevent this, make the social identity the main (primary) identity when the accounts are linked.
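
One way to apply this when building the link call, as an added example (not code from the original post or from Auth0). The Management API link endpoint takes the primary user in the URL path and the secondary identity in the body, so the helper below puts the social login in the path. `planLink`, `splitUserId`, `SOCIAL_PROVIDERS` and the sample user IDs are hypothetical names and constructed values.

```javascript
// Added example. Assumption: these providers count as "social" for linking.
const SOCIAL_PROVIDERS = new Set(['google-oauth2']);

// Split an Auth0 user_id ("provider|id") at the first pipe only,
// because the id part may itself contain "|".
function splitUserId(userId) {
  const i = userId.indexOf('|');
  if (i <= 0 || i === userId.length - 1) {
    throw new Error(`malformed user_id: ${userId}`);
  }
  return { provider: userId.slice(0, i), id: userId.slice(i + 1) };
}

// Build the link request for the user logging in now (loginUserId) and the
// account already found for the same person (existingUserId).
// A social login becomes the primary; any other login is attached to the
// existing account as a secondary identity.
function planLink(loginUserId, existingUserId) {
  if (loginUserId === existingUserId) return null; // nothing to link
  const socialLogin = SOCIAL_PROVIDERS.has(splitUserId(loginUserId).provider);
  const primary = socialLogin ? loginUserId : existingUserId;
  const secondary = splitUserId(socialLogin ? existingUserId : loginUserId);
  return {
    method: 'POST',
    // Primary account goes in the path (the "|" is encoded as %7C).
    path: `/api/v2/users/${encodeURIComponent(primary)}/identities`,
    // Secondary account is described in the body.
    body: { provider: secondary.provider, user_id: secondary.id },
    // true when the account that is logging in stops being the primary
    primaryChanged: primary !== loginUserId,
  };
}

// Constructed sample IDs: Google login linked to an existing database user.
const plan = planLink('google-oauth2|1000000001', 'auth0|64f0c0ffee');
console.log(plan.method, plan.path, JSON.stringify(plan.body));
```

With the social identity as primary, `primaryChanged` is `false` for the Google login, so the user who authenticated is the same user the session is issued for.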