Oauth seamless account merge with API get info call

Daniel_B · 2025-02-13T18:11:13.254Z

So, on our app we offer multiple ways of login, them being, normal sign up with email and password, LinkedIn and google oauth.

I know you can associate accounts, but only when user is logged in. What I wanted to do was to do a seamless connection, that means, if user has an account with normal sign up, and tries to do a login with Google oauth, what I want to do is the following:

Open the auth window, ask for login and confirm (the normal behavior from API)
Instead of instantly login the user, get the info of the user, email and name if available (API call within the workflow)
Perform a quick check of if User account exists, and if it has associated the Google sign in
3.1 If yes, log in the user
3.2 If not, but the user exists, ask for password, login the user, then login with the Google info we just got, and so associating instantly the account

I want to do this to avoid the bubble error that says “The account already exists, log with…”

It is simple to do if the account was created with Oauth and User is trying to login with password, because we will catch the email from input, but is it possible to do with API? Also is it possible to do the same for LinkedIn?

What I have now is both APIs connected, and Login/SignUp fully working. But I don’t want the API call to be just oauth, but also be able to retrieve the info from the accounts in order to perform the checks.

If there is another way to do it, I would be happy to know how

Jici · 2025-02-13T18:20:59.221Z

You will not be able to associate an “existing” account with another log in option. For example, if the user create account using Bubble email/password auth with their gmail, if the same user try to login using “Google signup”, this will return an error that user already exist. This is actually not something handled by Bubble.

You could consider moving the auth process to something like auth0 that can do that, but only create one user in your Bubble account. However, I don’t know if you can use their auth to call other API endpoints.

Daniel_B · 2025-02-13T18:34:37.352Z

Well you can, if you have an account, signed up with normal email and password, and while logged in, try to log in again with oauth, you merge the accounts.
You are saying, is that to do the catch info I need auth0?

Also here’s the documentation for it:

manual.bubble.io

Authentication plugins | Bubble Docs

Signing up when logged in: When a user already logged in with their email and password chooses to link their account with an OAuth provider, their existing account gets updated with the new authentication credentials. This means no new user account is created. After completing this linking process, the user has the flexibility to log in either with their email and password or through the OAuth flow.

Jici · 2025-02-13T18:43:21.475Z

Daniel_B:

while logged in

Yes while logged in, the oauth will be added to the current user auth (but from what I remember from very old testing, adding more than one oauth2 (example google and ms) will create issue with keeping connection alive (not sure however if this is when you are logged in with google and add ms instead of bubble and add more than 1 oauth. We tested this like 5 years ago… ). According to doc link you provided, this should always be an issue to add more than 1 oauth2 to an existing user as the most recent one will be used.

What I mean is that if user is not logged in, and you try to log in with oauth2 while user is already created with the same email as the oauth2 provider use, you will get an error.

Email already exists: However, if a user tries to sign up by linking an account with OAuth and another user in the database already has the same email as the one provided by the external service, the process won’t succeed. Instead, the user will receive a notification about the issue.

Daniel_B · 2025-02-13T18:46:47.030Z

Oh thanks, I see, so in order to implement something like this the auth0 is needed.

Will it be possible to implement the “seamless” feature? By that I mean, not relying on one single workflow to do all the job, but instead being able to perform workflow actions in between? Or maybe it is not even needed?

Jici · 2025-02-13T18:53:56.930Z

Not sure to understand your question. To perform which workflow between what?

auth0 can use multiple auth for a single account and merge them together. At the end, you will always have one user in your DB if there’s a way for auth0 to link auth to existing user (with their email for example, exactly what you are trying todo). It,s been like 2 years I used auth0 for a client and we did that. I don’t remember everything sorry.

Daniel_B · 2025-02-13T19:30:53.033Z

I will investigate into it, and see if it fits the use case, thanks for the help!