Working with identities
I posted once before but im a bit confused and trying to understand.
i offered 2 ways of signing in. Google or magic link.
then in my settings page I list the two and allow you to change or add the different providers. So if you signed up with magic link I show a "connect with google" option. there is also a "change your email" form meant for the magic link. I learned fast that both the google provider and magic link expect to use the same email address so you cant change them separately.
I learned that i had to set "allow manual linking" if I want to allow the google identity to be separate from the magic link email address identity. so technically someone can sign up with 2 email addresses if I turn this on and it separates magic link and google email addresses.
By doing this they can now remove their google account. or add a different email for magic link should they want to.
It seems turning "manual linking" on does not stop them from being able to sign in with magic link using the google email until they explicitly set a separate email for magic link.
does this all sound correct?? if I want to email a profile should i add an email column to their profile in the profiles table or somehow find and use an email address from one of their identities?
My own head is swirling from all that I just wrote.
5 Replies
ok i just tested it. even with manual linking turned on. if you signed up with one provider and then sign in with magic link, it signs you in to same account. i guess once signed in you could break them apart and use 2 different email accounts. is that what manual linking is for?
Please restrict your posts to one question at a time as it becomes very confusing reading multiple questions. Your assumptions about manual linking are correct, that's how it works.
Supabase will auto-link accounts using the same email address even if you have manual linking turned on. There is no way to disable this feature.
ok. thanks i think im understand how it works... hopefully. It auto links accounts - but you can break that autolinking if they are signed in and change their identities. And i think for that manual linking needs to be turned on
Manual linking is there for you to link a user with different email addresses in their OAuth provider to the same account. So if my email I used with GitHub was hello@example.com and my email I used for Google was hi@example.com then Supabase has no way to autolink these accounts if I were to try and signup with both of them at separate times. However you could create a UI inside of your application to add Google sign in and use the
.linkIdentity method (manual linking) to initiate the linking of hi@example.com to the hello@example.com account I'm already signed in with.yesa. that is what i did. awesome. thanks