Feature Requests

Allow multiple auth providers to link to the same user account by email
Currently, Strapi's authentication system treats each provider (e.g., Google, Facebook, Email) as a separate account type, even if the email address is identical. This creates an unexpected limitation: > If a user signs up with Google using user@example.com , they cannot log in later with the same email via Email+Password or Facebook. Each provider generates a separate user account. ### ✅ Expected Behavior Allow the use of multiple authentication providers on the same email account , where each provider can authenticate the same user identity (just like most major platforms do). Example: * A user signs up via Google with jon@example.com * Later, they choose to log in with Email+Password or Facebook using the same jon@example.com * All sessions and data should point to the same user record in the users-permissions_user table ### 🔍 Current Limitation Even though the admin panel allows enabling multiple providers, they cannot share the same email identity. This results in multiple user records for one individual, which: * Fragments user data * Breaks expected behavior from the user’s point of view * Complicates backend logic for multi-provider support ### 💡 Suggested Implementation * Add a configuration option to allow linking accounts by email (e.g., mergeAccountsByEmail: true ) * Or provide a hook to resolve/merge identities when a provider callback returns an email that already exists ### 📚 Related Docs Advanced Settings for Users & Permissions ### 🤝 Community Need As per the conversation with Strapi support, this appears to be a known limitation with no native workaround at this time. A lot of modern apps expect seamless SSO behavior between providers — this would be a strong improvement to developer and user experience.
0
Load More