User invite only flow supporting both usr/pwd and social logins

I have reviewed the User Invitation Flow. I need to support both user/pwd and social logins. Can anyone clarify the following?

  • For social logins, how is the user invited? I assume the admin is not creating a user and sending a link, right?
  • How do we prevent uninvited users from creating user accounts?
  • How do we include additional registration select list options (language and organization)?

Appreciate any pointers or helpful links!

Hi @jgermain

There is no “invite” for social logins. They are created the first time a user logs in.

What I would suggest is a variation on account linking:
when a social user logs in, verify they are linked with a email/password account, and fail the login if they are not, or link the accounts if both exist and they are not linked yet(make the user verify ownership of both accounts).

This requires a user to create a email/password account ALWAYS.

A variation on this is to pre-create the email/password account for the user via the management API. This has some complexities to work out.

John

Hi John,
One question, How you check if exist one social account, I don’t found any documentation about this :frowning_face:

Can you help me please!
Thank you!

Hi @hcastillo.mendoza

You can search for users via the management API. Then check to see if the user is a social connection.

John

1 Like