User invite only flow supporting both usr/pwd and social logins

jgermain · July 21, 2020, 9:21pm

I have reviewed the User Invitation Flow. I need to support both user/pwd and social logins. Can anyone clarify the following?

For social logins, how is the user invited? I assume the admin is not creating a user and sending a link, right?
How do we prevent uninvited users from creating user accounts?
How do we include additional registration select list options (language and organization)?

Appreciate any pointers or helpful links!

john.gateley · July 22, 2020, 1:37pm

Hi @jgermain

There is no “invite” for social logins. They are created the first time a user logs in.

What I would suggest is a variation on account linking:
when a social user logs in, verify they are linked with a email/password account, and fail the login if they are not, or link the accounts if both exist and they are not linked yet(make the user verify ownership of both accounts).

This requires a user to create a email/password account ALWAYS.

A variation on this is to pre-create the email/password account for the user via the management API. This has some complexities to work out.

John

hcastillo.mendoza · December 11, 2020, 10:00am

Hi John,
One question, How you check if exist one social account, I don’t found any documentation about this

Can you help me please!
Thank you!

john.gateley · December 11, 2020, 2:42pm

Hi @hcastillo.mendoza

You can search for users via the management API. Then check to see if the user is a social connection.

John