Using an external IDPs access token and creating Auth0 users

This is our flow.

  1. A link provided in an external site redirects to our UI. This link comes with another access key-1 to another system.
  2. User starts the OAuth sign-up process in our flow. As the user starts this flow access key-1 is used to connect to the external system to pull details. This is required to complete the ‘sign-up’ process.
  3. User now completes the sign-up process with email verification and obtains access key-2, which is from our IDP.

Does this look like a typical flow ? I am concerned that access key-1(external system) is used to pass through our API gateway(from our UI) even without access key-2, which is from our IDP. Remember it is the ‘sign-up’ process. Not sign-in.

Update 1 : The subject describes the workflow. Nothing to do with federation etc.
Update 2 : I want to ask if I can provide a flow like this. Use a temporary token and exchange it for a permanent token.

  1. Obtain a link_token by calling /link/token/create .
  2. Initialize Link by passing in the link_token . When your user completes the Link flow, Link will pass back a public_token via the onSuccess callback. For more information on initializing and receiving data back from Link, see the Link documentation.
  3. Exchange the public_token for an access_token by calling /item/public_token/exchange .