Support passwordless connections in organization invitations

Some more context:

As a workaround, I can send invitations via the Google connection. The user experience there is great… Until they log out and log back in and then get prompted with the passwordless flow. Then, they get an error saying they aren’t part of the organization because they’re a different user on the Auth0 backend since they used a different connection!

And I don’t think I can merge the users since they aren’t authenticated yet, unless I do some janky stuff like try the callback request again without the org id, then merge them. So my workaround for that is to allow Membership on Authentication. Three problems though:

a) now I have a security problem since anyone can sign up for any organization in my app if they get the org id
b) I will have two of every user, or I have to now go and implement merging
c) I can only support social logins going forward

What a mess.
