Auth0 Home Blog Docs

Wrong provider (subject) for linked accounts in JWT

jwt
provider
#1

We’re running into an issue after a user has linked their account with the Auth0 Account Link extension. The provider in the subject is that of the initial login method. So for example, if a user first signed up via magic link, then logged in via Google SSO and through the extension linked their account, then the provider is still Magic link (even though we wish it would state the current login, aka google-oauth2).

Is there a simple way to change this behaviour? Since we differentiate users based on e-mail on our side, we could disable the extension and unlink all the currently linked users via the Management API, but that doesn’t seem like a clean solution, as ideally we’d like a user’s different login methods to show up under the same account and not under separate accounts.