I have to implement single-sign-on similar to the way social connections work.
There are two websites XYZ- third party website(client) and ABC - my website.The users who are authenticated at XYZ should be allowed to access ABC without any password.
To achieve this I will be exchanging tokens for validating the users.
The issue lies for the first time users in ABC. I should not manually enter the user details in auth0. If the user is logging in for the first time, his details should be entered into auth0 just like google-OAuth does and not through any identity provider like database connectivity.
I checked out the custom extensions provided by auth0, but I do not have access to the user profiles of the third party clients.
I am aware of the usage of tokens. However, I am not clear if the above scenario is achievable in auth0 without the user details already available.