When two accounts have conflicting login identifiers, Gigya assumes that the same user has ownership of both accounts, and enables linking the accounts into a single account, associated with two identities, rather than maintaining two separate accounts.

Overview

Gigya's plugins, such as the social login plugin, enable users who wish to register or log in to your site to use their social identities to create accounts.

These identities are managed and identified using login identifiers, which are, by default, the email addresses associated with an account's identity.

When two accounts have conflicting login identifiers, Gigya assumes that the same user has ownership of both accounts, and enables linking the accounts into a single account, associated with two identities, rather than maintaining two separate accounts. 

Gigya's default state is to allow and support linking of social identities to site identities. This guide explains how to implement support for linking between social identities. 

 

Note: Linking a social account to a site account is supported by default and can be implemented in the same manner as described in this document. Linking between site accounts is not supported.

 

Contents

This guide covers the following subjects:

 

Link Accounts Flows

Account linking can occur in the following cases:

 

New Social Account Conflict

Since the registration flow is seamless with social login, some users are likely to want to log in with any given social identity.

When a member of your site registers with a new social identity for the first time, Gigya recognizes a conflict of email addresses and suggests linking the accounts.

If the user chooses to link the accounts, an authentication screen appears to enable the user to prove ownership of the previous account in order to complete the account linking.

For example:

 

Conflict on Completing Registration

A conflict can be created for an existing account, if a change in the loginID is applied. This can happen when a new account is missing some key fields to complete its registration. When these fields are added using the accounts.setAccount.Info API, and a change in the login identifier creates a conflict, Gigya will alert the conflict according to the conflict handling policy, and if required, trigger the account linking flow, similar to account linking on a new registration.

If the user chooses not to link the account, a new account will be created with the conflicting field, however that field could not be used as a login identifier.

 

Implementation

This section explains the required steps for implementing both methods.

Account linking support can be implemented using Gigya's API, or through using UI Markup Extensions.

 

Linking Accounts Policy

First, in order to support social-to-social account linking, your site's policy regarding linking needs to be defined to explicitly support social-to-social linking. By default, only social-to-site linking is supported.

 

Console Settings

To be able to link between social accounts, a change of policy is required. Make sure to check the All Identities radio button on the Console's Policies page.



 

Setting the Policy via API

To change the site's policy manually via API, you must set the Conflict handling policy to allow Social-to-Social Linking.
This is done using the accounts.setPolicies API. When calling the API set the accountOptions object's loginIdentifierConflict field to failOnAnyConflictingIdentity.

 

var accountOptionsObj = {
        //Allow social-to-social account linking
        loginIdentifierConflict : 'failOnAnyConflictingIdentity',
}
var policies = {
    accountOptions : accountOptionsObj
};
accounts.setPolicies(policies);

 

 

Building Account Linking UI

The following instructions are using the Gigya WebSDK, for information about using REST APIs, see accounts.login REST Errors.

 

This section explains how to add support for social-to-social account linking to an existing screen-set:

 

 

Linking Accounts Using API

This section explains how to perform account linking manually, using Gigya's API.

Limitations

Current limitations of the Account-Linking feature: