I need help understanding if Auth0 accomplishes what we need it to do and I can not find any resources that seem to point towards it.
We have a SPA using Auth0 for Federated Logins. We are logging in users using Google OAuth2 and Twitch. We are not linking these accounts if they have the same email. When a user logs in with one of these methods, a new user is created.
We have an “Integrations” page of our application where the user can explicitly grant Google Drive, scopes to the user so that our backend can deliver files to their Google Drive.
We can not figure out how to assign these Connections to the user already authenticated with Auth0 and store those tokens so that our backend may access them later through the Management API when it wants to put files in Google Drive on the user’s behalf.
We have resorted to creating multiple Applications and Social Connections in a confused mess and are just not sure if Auth0 is even built to do what we are looking for.
We want our users to be able to log into our SPA with limited scopes (usernames, emails) but also connect to third-party services we intend to use such as Google Drive, Dropbox, Twitter, etc. All we want to do is make sure that when a user authenticates with one of these services, that it is assigned to the same user in Auth0 and does not create a bunch of new users for each Connection. We want our backend to be able to hit the Management API, retrieve the Refresh Token, make the handshake, then have the correct credentials to use the Google Drive API to place the files in their drive.