1

Assume a new user registers today on my website today with Gmail-id and there gets an account created in OpenAM with user-name as Gmail-id. Lets say in future the same user uses facebook account to login on my website. Taking this for granted that I know that the user has registered on the website with Gmail earlier and I precisely know his/her Gmail-id.

Is it possible that I can link both user credentials to the same OpenAM account without creating a new account ?

What could be the other alternatives ?

user3801941
  • 11
  • 2
  • I would say you need to change the registration code (or better build your own registration) and add the facebook account id as an attribute to the user identity). In authentication you could use both ids to search for the identity. – Bernhard Thalmayr Oct 17 '14 at 06:57

1 Answers1

0

I'm going to assume that when you say "Gmail-id" you mean email address. Google also has a concept of a numerical ID that would not be constructive in this case.

To set this up, you'd need two OAuth 2 modules for each of Google and Facebook, with appropriate scopes to be given the email address in the user profile, and you'd need to set up the account mapping to map the email address from each of Google and Facebook to the mail attribute, and the attribute mapping would then have the same mapping (as well as other appropriate mappings to get user's name, etc).

This means that when the user returns to OpenAM an account with mail=[email from Google/Facebook] will be looked for, and if found, used. If not found, an account with that email address will be created, and would then be used in the future.

Obviously you will need to decide that you trust the email address provided by Facebook represents the identity you have from GMail, but it sounds like you're happy with that.

MrPotes
  • 356
  • 2
  • 10