Linking same user with different authentication providers

Sudarshan_Roy · May 3, 2021, 7:22pm

Use Case
Suppose, user Scott has logged in with an email/password on the first day. After few days, he logs in with another provider say, Google Authentication Provider with the same email (as the earlier one).

Problem
MongoDB Realm creates two different users: provider type Username/Password, local-userpass and the other with Google, OAuth-2-google. How do I link these two identities with the original user when the user logs in with the second provider?

Dachary_Carey · May 3, 2021, 7:34pm

I’m not sure which SDK you’re using, but I believe you’ll find what you’re looking for under the SDK → Advanced Guides → Link User Identities page. For example, the Android SDK has a linkCredentials() method for the User object: https://docs.mongodb.com/realm/sdk/android/advanced-guides/link-user-identities/

Does this help?

Sudarshan_Roy · May 3, 2021, 7:58pm

Thanks for your reply. I am using realm-web SDK. Please elaborate the flow that I need follow.

Please note, while 2nd time user is signing in with Google authentication provider, at the client side, I am not aware of the fact that whether the user is a returning user and has already signed up with email password or not.

Dachary_Carey · May 4, 2021, 1:57pm

Great point. I saw from your documentation feedback that you found the Web SDK documentation for linking user identities and it didn’t have this info for you. I don’t have a good suggestion for handling this, but I’ll check with my team and see what we recommend. I’ll make sure to let you know what I find out, and we’ll make a ticket to update the documentation. Thanks for filing the feedback - that’s really helpful!

Sudarshan_Roy · May 4, 2021, 5:17pm

Thanks for your reply. I will be waiting for the solution.

Dachary_Carey · May 4, 2021, 10:39pm

I checked with my team, and it looks like there isn’t a recommendation for how to solve this if you don’t know that the user will want to link user identities from the beginning. Once the user has authorized via Google or Facebook and we notice that the emails match, it’s too late to address this.

Sorry I don’t have a more helpful answer for you. I’ve made a note that this is problematic, and will be sure to update the docs in the future if we make enhancements to Realm user management that might improve this.

Maxim_Novoseltsev · July 21, 2021, 8:10am

This is essential for me. I wouldn’t have chosen MongoDB Realm Sync if I knew this limitation from the beginning…
Should you have the same problem, please vote here:

Malik_Abdullah · February 22, 2022, 5:04pm

I also have got same scenario while working with realm. And i found i way to tackle with this.

As my project is in starting phase so i can setup the architecture level things. If you have created the complete project may be it is little difficult for you to handle several case

My Solution:

create a custom data collection for user with fields like , email, facebookId, googleId,
if you signup using email first, create an object in users collection with userId, email and other fields.
and when you login next time with google, get the google id, email from google API. check in user schema for the already created object if exists update user object with googleId.
next time you can simple check the google id in user schema.
when you login save the user collection’s object in cache and user that user object everywhere you want to join other collections.

That is my solution for now. Kindly let me know about, if it is good or not? And also the pro and cons of using this architecture.