Note: This is a [Beta] feature. To request access, please reach out to our support to enable it for your account.
User accounts and sessions can take one of three common forms:
In Authress, this is the default. Every login and user account is uniquely generated based on the Authress connection, such as Login with Google. No further action needs to be taken to enable this functionality.
A user gets unique credentials for this identity, for the specified application from the Authress connection. If the user wishes to have multiple user accounts, they must log out, discarding their current credentials, and fetch new ones by logging in again.
In most circumstances, this is the best choice, especially when a user uses multiple browsers or multiple devices when interacting with this data. Most apps should use this solution.
In some cases, users will want to link accounts from multiple identity providers. While this is common in the consumer space with consumer apps, for business applications it is rarely necessary. This is because the user’s account is tied to their corporate identity and linking it with a personal login method would not make sense. (In lots of situations it might be against the corporate policy and security posture.) However, in some scenarios they might want to take their data with them. Having the ability to link the user’s account to your current business’ corporate identity might be exactly the experience your app needs.
To link identities, patch the user identities endpoint with the other identity using the user’s Authress access token. (Note: performing this action will unlink the data associated with the other account. This is recoverable using the Authress advanced user tools, but in general great care should be taken before linking accounts.)
When a user has multiple user identities, each associated with a different user account, a better experience is to enable the user to consume data related to either identity. Linking the identities would not be the correct course of action because there is separate data stored with each one, and those accounts might belong to two different owners. Consider an account owned by a Corporate IdP and one the user uses privately. A good example of this is a Mail app. Everyone has both personal and professional email inboxes, and these mailboxes are not shared. Unless explicitly set up to be shared with each other, they are separate and distinct accounts.
To handle the multiple user experiences, the Authress Login SDK will generate multiple sessions, each with its own user identity and access token.