FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Logging in with a google account with the same email as a previously registered user?

    Scheduled Pinned Locked Moved
    Q&A
    identity google
    2
    4
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by

      If someone creates an account with username/password, and then later logs in via Google for the same email, will it always be the same User account?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • danD
        dan
        last edited by

        If you use the same email address, yes.

        Currently the resolution is simply by email (there may be some enhancements in the future).

        So in your scenario, if you log in with richard@piedpiper.com and then later log in with a Google account that has the email address richard@piedpiper.com - it will be the same user in FusionAuth.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • D
          davidmw
          last edited by

          I wish SSO accounts could be linked to the FusionAuth account without the perfect email match requirement. If we think of the FusionAuth account as the main user containing the UserID GUID, registrations, and roles. Then add support for multiple SSO login alternatives that are connected to the main account much like an alias would be.

          Currently if I create an account for a user with the provided email address (creating registrations, roles and matching account on our backend) and they connect via SSO on a different email account - FusionAuth creates a second account for them even when we have auto registration turned off. That account doesn't have the access we promised even when they can authenticate with it. To fix the problem I can't go in and fix the original account since there will now be an email address collision on the system. Requires deleting the system generated account first, then the email can be changed. This hassle trickles up into our admin screens as well since accounts are really created there and not directly in FusionAuth. When the email address update runs into a collision with an existing account we need to query FusionAuth for app registration counts - if zero it might be safe to delete the conflicting account then proceed with the renaming. But this feels unnecessarily complex.

          1 Reply Last reply Reply Quote 0
          • danD
            dan
            last edited by

            Hi @david-0 ,

            I understand your frustration. We're thinking about ways to ameliorate this issue.

            And you aren't alone. Here are a couple of open github issues:

            • https://github.com/FusionAuth/fusionauth-issues/issues/751 (kind of the reverse of what you're talking about, but related)
            • https://github.com/FusionAuth/fusionauth-issues/issues/1 (the very first issue filed!)

            Please feel free to upvote them, as that helps direct our development efforts. If these issues don't cover what you're looking to do, please do file a feature request with use case specifics.

            Thanks,
            Dan

            --
            FusionAuth - Auth for devs, built by devs.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            • First post
              Last post