Link Accounts with Same Email Address not working as expected about rules HOT 6 CLOSED

@LabN36 Linking should happen regardless of which account you sign up with first. Are you still facing issues with the latest version of the rule? https://github.com/auth0/rules/blob/master/rules/link-users-by-email.md

from rules.

@thameera hey thanks for stopping by I've been waiting for the response since a month(also tried to reach on twitter)

well yes the issue is still there, you can try run the above scenario by yourself or let me know i'll create a snippet for you.

i want someone to involve in this thing because it's driving me crazy.

from rules.

Scenario 2 is the expected behavior of the default rule. Linking should not be done if the email is not verified in one of the accounts; otherwise an attacker can register and link themselves to a legit account.

If you'd like to, for example give an error when the email already exists, you can edit the default rule to do so. Furthermore, you can also redirect the users elsewhere and handle this scenario in your own way.

if you try to change the password after signing up with social provider you will get an error that user does not exist on the auth0 dashboard

I couldn't repro this. How are you trying to change the password? Can you share any screenshots? (w/o sensitive data)

from rules.

in general(most of the websites) when let's say a user firstly signup with facebook he'll get signed in to the website.then user logs out. again if a user want to to login with the same email instead of using facebook.

don't you think a website should show them that wrong password(atleast this is what 99% site does)

i understand that auth0 manages this things in a different way ie. provider wise.
but how can i achieve this behaviour

from rules.

don't you think a website should...

The rules we present here are just guidelines/templates and they should be changed to match the desired behavior. I've seen a lot of customers use the exact same rule, so I guess it's just a matter of preference.

but how can i achieve this behaviour

Sorry, I'm not clear here. Can you clarify what behavior you are trying to achieve and where? (you might have mentioned this earlier but since we seem to be discussing multiple issues here I'm not sure what exactly this is about) If you are looking for custom solution, probably opening a support ticket or posting in the community will be most efficient.

from rules.

Obsolete, Rule no longer exists.

from rules.