Hey @john.gateley thank you for the reply! A few points a of clarity and probably another question.
At this time we can’t have users combine their accounts as we use the sub from the jwt in our database to identify them and have no way to tie them together in the application. Bigger project way down in the backlog.
The point here is that even when using the “login” side of the Universal Login Experience, if someone uses a social identity provider, they are immediately added to Auth0 as a new user (`user identity), Auth0 rules fire, etc. This seems wrong, they were trying to login, not create a new account with us.
The goal here is not to create a new user in Auth0 (I don’t mean an Auth0 username/password user, a user identity) with any new social identity provider login. I had a user the other day with four user identities in Auth0 because they kept trying to figure out which account they used to setup their profile etc. in our application.
The register form creates a username/password account. A user CANNOT create a Facebook or Google account via your app, they must create it at Facebook or Google
This is fully understood
So yes, we may/probably have something not configured correctly, though it feels strange that a new Auth0 user identity is created whenever someone tries to login with a new social identity provider.
Note: The term user identity was taken from this dashboard page: https://manage.auth0.com/dashboard/us/that/users, in trying to find the correct term in my explanation.