We have a single page app. User signs up with passwordless on the one app. A pre-user-registration flow action is triggered, and creates a Username-Password-Authentication user as the primary identity to allow users to set a password. A pipeline rule is triggered, linking the new
The user enters their OTP code to verify their email. The user goes to the app, and is automatically logged in. We prompt the user for a new password, and set it via Management API. The user logs out, then tries to log in with Google Auth. Our pipeline rule links the
google-oauth2 identity with the
The first login sends them back to the login screen (this is the issue we’re looking to resolve). All subsequent google auth logins work as expected
The way to prevent this would be by making the social identity the main identity.