Lock: Signup with username & social connections

Created on 9 Nov 2016  路  8Comments  路  Source: auth0/lock

I麓m using the auth0-lock version 10.6.0 with angular2. I am currently allowing sign up with three connections: database, facebook & twitter.
I whould like all users to have a unique username that sign up to my app. I麓ts really easy with database and works great but is it possible to force users from social connections to create their own username when signing up?

question

Most helpful comment

Why do you say there is no way? Would it not be a great feature if the lock widget would add an optional second step for social signup for adding extra properties like username?

This wont work because on how social connections work. Since we need to redirect the user to the IdP login page, you will need to handle it on your own anyway to show this second step when the user comes back from authentication.

Right now the flow is the following:

your page shows lock -> user clicks on social idp -> lock redirects to auth0 -> auth0 redirects to social idp -> idp redirects back to auth0 -> auth0 process the authentication -> auth0 redirects back to your app

As you see, it is not like a database authentication where everything is handled by auth0 and we can afford doing extra things without any specific extra effort on the developer side.

Anyway, there are two ways to do what you want:

1 - Using redirect rules. You can redirect the user to anothe page (a webtask or one hosted by you) where you ask for extra information and then redirect back to finish the authentication transaction. Here is an example of a redirect rule to build a custom MFA with SMS https://github.com/auth0/rules/tree/master/redirect-rules/sms-mfa

2 - Use progressive profiling: Here is some info related to this topic:

https://auth0.com/docs/user-profile/progressive-profiling
https://auth0.com/blog/progressive-profiling/

and a demo I built some time ago: http://auth0.github.io/auth0-progresive-profiling-demo/
this is the code: https://github.com/auth0/auth0-progresive-profiling-demo

All 8 comments

@kjartanvalur currently there is no way to add this with lock for non-database connections

@hzalaz Do you know if this is on some roadmap? Is there a roadmap?

@hzalaz This is so common use case today. Agree?

@kjartanvalur this is little beyond Lock since the username you add is for DB only users and there is no way to add additional fields for social connections during signup.

Auth0 tries to provide a normalized user profile so the nickname will have a generated username depending on the type of connection. If you need to allow your users to change it, you could use https://auth0.com/docs/api/management/v2#!/Users/patch_users_by_id to add it to user_metadata of the user and in your app use either of them.

I'd suggest to contact us using https://support.auth0.com so our support team can help you.

@kjartanvalur this is little beyond Lock since the username you add is for DB only users and there is no way to add additional fields for social connections during signup.

Why do you say there is no way? Would it not be a great feature if the lock widget would add an optional second step for social signup for adding extra properties like username?

Auth0 is suppose to save us devs from this hassle. Now I need to do a custom signup form and the benefits of auth0 is fading away...

And I opened a ticket for auth0 support 10 days ago and no answer 馃憥

Its beginning to look like "computer says no"

Why do you say there is no way? Would it not be a great feature if the lock widget would add an optional second step for social signup for adding extra properties like username?

This wont work because on how social connections work. Since we need to redirect the user to the IdP login page, you will need to handle it on your own anyway to show this second step when the user comes back from authentication.

Right now the flow is the following:

your page shows lock -> user clicks on social idp -> lock redirects to auth0 -> auth0 redirects to social idp -> idp redirects back to auth0 -> auth0 process the authentication -> auth0 redirects back to your app

As you see, it is not like a database authentication where everything is handled by auth0 and we can afford doing extra things without any specific extra effort on the developer side.

Anyway, there are two ways to do what you want:

1 - Using redirect rules. You can redirect the user to anothe page (a webtask or one hosted by you) where you ask for extra information and then redirect back to finish the authentication transaction. Here is an example of a redirect rule to build a custom MFA with SMS https://github.com/auth0/rules/tree/master/redirect-rules/sms-mfa

2 - Use progressive profiling: Here is some info related to this topic:

https://auth0.com/docs/user-profile/progressive-profiling
https://auth0.com/blog/progressive-profiling/

and a demo I built some time ago: http://auth0.github.io/auth0-progresive-profiling-demo/
this is the code: https://github.com/auth0/auth0-progresive-profiling-demo

@glena Thanks for this detailed response 馃憤

Was this page helpful?
0 / 5 - 0 ratings

Related issues

juhaelee picture juhaelee  路  3Comments

dharness picture dharness  路  6Comments

maxlapides picture maxlapides  路  5Comments

ndelvalle picture ndelvalle  路  8Comments

DavidWells picture DavidWells  路  5Comments