Unlink User Accounts
Use the Auth0 Management API Unlink a User Account endpoint or the Auth0.js library to unlink an identity from the target user account making it a separate user account again.
The result of the unlinking process is the following:
The secondary account is removed from the identities array of the primary account.
A new secondary user account is created.
The secondary account will have no metadata.
If your goal is to delete the secondary identity entirely, you must first unlink the accounts, and then delete the newly created secondary account.
Depending on from where you call the endpoint, use one of these two scopes:
update:current_user_identities
from client-side codeupdate:users
from server-side code
The endpoint uses the following parameters:
Parameter | Type | Description |
---|---|---|
id |
string |
ID of the primary user account (required) |
provider |
string |
identity provider name of the secondary linked account (e.g. google-oauth2 ) |
user_id |
string |
ID of the secondary linked account (e.g. 123456789081523216417 part after the ` |
If your instance has users from multiple providers, you may also include [connection_name]|
before the user_id
string
to name the provider (for example, "user-id": "google-oauth2|123456789081523216417").
Response example
[
{
"connection": "Initial-Connection",
"user_id": "5457edea1b8f22891a000004",
"provider": "auth0",
"isSocial": false,
"access_token": "",
"profileData": {
"email": "",
"email_verified": false,
"name": "",
"username": "johndoe",
"given_name": "",
"phone_number": "",
"phone_verified": false,
"family_name": ""
}
}
]
Was this helpful?
Use JWT from the primary account
To unlink accounts, call the Management API Unlink a User Account endpoint using the JWT from the primary account for authorization:
function unlinkAccount(secondaryProvider, secondaryUserId){
var primaryUserId = localStorage.getItem('user_id');
var primaryJWT = localStorage.getItem('id_token');
$.ajax({
type: 'DELETE',
url: 'https://' + '{yourDomain}' + '/api/v2/users/' + primaryUserId +
'/identities/' + secondaryProvider + '/' + secondaryUserId,
headers: {
'Authorization': 'Bearer ' + primaryJWT
}
}).then(function(identities){
alert('unlinked!');
showLinkedAccounts(identities);
}).fail(function(jqXHR){
alert('Error unlinking Accounts: ' + jqXHR.status + ' ' + jqXHR.responseText);
});
}
Was this helpful?
Use Access Token with the update:users scope
If you need to unlink two or more user accounts, call the Management API Unlink a User Account endpoint using an Management API Access Token with the update:users
scope.
function unlinkAccount(secondaryProvider, secondaryUserId) {
var primaryUserId = localStorage.getItem('user_id');
var primaryAccessToken = localStorage.getItem('access_token');
// Uses the Access Token of the primary user as a bearer token to identify the account
// which will have the account unlinked to, and the user id of the secondary user, to identify
// the user that will be unlinked from the primary account.
$.ajax({
type: 'DELETE',
url: 'https://' + AUTH0_DOMAIN +'/api/v2/users/' + primaryUserId +
'/identities/' + secondaryProvider + '/' + secondaryUserId,
headers: {
'Authorization': 'Bearer ' + primaryAccessToken
}
}).then(function(identities){
alert('unlinked!');
showLinkedAccounts(identities);
}).fail(function(jqXHR){
alert('Error unlinking Accounts: ' + jqXHR.status + ' ' + jqXHR.responseText);
});
}
Was this helpful?
Unlink accounts from server-side code
Update the user in session with the new array of identities (each of which represent a separate user account).
const ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn();
const Auth0Client = require('../Auth0Client');
const express = require('express');
const router = express.Router();
...
router.post('/unlink-accounts/:targetUserProvider/:targetUserId',ensureLoggedIn, (req,res,next) => {
Auth0Client.unlinkAccounts(req.user.id, req.params.targetUserProvider, req.params.targetUserId)
.then( identities => {
req.user.identities = req.user._json.identities = identities;
res.send(identities);
})
.catch( err => {
console.log('Error unlinking accounts!',err);
next(err);
});
});
Was this helpful?
Call the Management API v2 Unlink a User Account endpoint using an Management API Access Token with the
update:users
scope.
const request = require('request');
class Auth0Client {
...
unlinkAccounts(rootUserId, targetUserProvider, targetUserId){
return new Promise((resolve,reject) => {
var reqOpts = {
method: 'DELETE',
url: 'https://{yourDomain}/api/v2/users/' + rootUserId +
'/identities/' + targetUserProvider + '/' + targetUserId,
headers: {
'Authorization': 'Bearer ' + process.env.AUTH0_APIV2_TOKEN
}
};
request(reqOpts,(error, response, body) => {
if (error) {
return reject(error);
} else if (response.statusCode !== 200) {
return reject('Error unlinking accounts. Status: '+ response.statusCode + ' ' + JSON.stringify(body));
} else {
resolve(JSON.parse(body));
}
});
});
}
}
module.exports = new Auth0Client();
Was this helpful?