Signing in to the platform should create a new user with empty collections about tottem HOT 3 CLOSED

Should we really need to have a user table in our own db?
https://auth0.com/docs/users/concepts/overview-user-profile

from tottem.

Some takeways from my first researches:

• Indeed, Auth0 seems to be easily handling unique usernames when signing up to the app (I have turned it on and it works fine)

• That being said, there is no out-of-the-box integration with Social providers (i.e. Google) for usernames (https://community.auth0.com/t/ensuring-unique-username-across-different-connections/6656) and it doesn't seem feasible without pluging the connection workflow to an internal DB

• Moreover, signing up with a social provider and then creating an account with the same email will create 2 separate users. Merging identical accounts would have to be also done on our side (https://auth0.com/docs/link-accounts)

• When connecting through Google, the auth screen will always display "Choose an account to continue to auth0.com" unless the app gets "verified" by Google (https://stackoverflow.com/questions/44138213/google-oauth-consent-screen-not-showing-app-logo-and-name). This could take some time (up to 6 weeks according to them) but I can request a validation in the meantime.

• And last but not least, because we are not using a custom email provider, this makes the "verify your account email" not very user-friendly:

I thus propose:

• Dropping the google connection for now, but still request authorization for the OAuth app in the meantime
• Disabling the "verify your account" email for now, until we setup a proper email provider (in a different issue)
• Users will only be able to sign up using a unique email / username combination

from tottem.

Do you mean that asking for username is not allowed when sign-in with Social providers?
Using a third-party (that could be very expensive) "just" for username / password sign-in without email confirmation might be overkill so 😐

I may miss the point, I did not get into auth0 documentation. I've just read this https://auth0.com/docs/users/concepts/overview-progressive-profiling
In my first impression we might want to do something like :

1. Basic / fast sign-up (email password, — or even without password, social providers)
2. Once logged-in, asking for for information in our own app
3. Using User Auth0 API to manage user data additional data

But, I've just ready on User Auth0 API that user can only be retrieved by an automatic generated user_id https://auth0.com/docs/api/management/v2#!/Users/get_users_by_id :/
It means that:

• User API should not be used to store profile related information. I think we should have a Profile table. As you probably suggest first?

from tottem.