Using Transaction for signup, in express/mongoose

Hi everyone,

I’m a junior backend developer working with Node.js.
While working on my app, I made a typo in process.env and noticed that a user was still being created even though the token was not generated successfully.

I understand why this happened technically, but from a business-logic perspective, this flow doesn’t feel correct. A user should not be created if their token generation fails.

After some research, I found that one possible solution is to use a database transaction to ensure that both operations creating the user and generating the token either succeed together or fail together.
This way, the signup process remains consistent and reliable.

My question is: Is using a transaction the best approach for this case, or are there other recommended patterns or solutions that I might be missing?

Thanks!

Hi @shamsmedhat1,

The core issue is that your application logic is tightly coupled with the identity provider. In a standard Auth0 flow, the “Source of Truth” for an identity should ideally be Auth0 itself.

If you create a user in your local Mongoose DB first and then call Auth0, you risk “Orphaned Users” (local user exists, but can’t log in). If you call Auth0 first and then your DB fails, you get “Ghost Identities” (user can log in, but your app has no record of them).

Instead of creating the user in your DB during the signup request, allow Auth0 to handle the signup entirely.

If you have any further questions, don’t hesitate to reach out.

Have a good one,
Vlad