github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-22 22:32:01 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

linkSocial cannot link to social accounts with different email #416

New Issue
Closed
opened 2026-03-13 07:45:02 -05:00 by GiteaMirror · 7 comments
GiteaMirror commented 2026-03-13 07:45:02 -05:00
Owner
Copy Link

Originally created by @hyoban on GitHub (Dec 17, 2024).

Is this suited for github?

  • Yes, this is suited for github

To Reproduce

  1. Create a user
  2. Link a social account with a different email
  3. error=email_doesn%27t_match shown in URL

Current vs. Expected behavior

Logged-in users should be able to link to social accounts in different emails

What version of Better Auth are you using?

1.0.20

Provide environment information

System:
OS: macOS 15.2
CPU: (8) arm64 Apple M1 Pro
Memory: 120.31 MB / 16.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 22.11.0 - ~/.n/bin/node
Yarn: 1.22.19 - ~/.n/bin/yarn
npm: 10.9.0 - ~/.n/bin/npm
pnpm: 9.15.0 - ~/.n/bin/pnpm
Watchman: 2024.12.02.00 - /opt/homebrew/bin/watchman
Browsers:
Safari: 18.2

Which area(s) are affected? (Select all that apply)

Backend

Auth config (if applicable)

import { betterAuth } from "better-auth"
export const auth = betterAuth({
emailAndPassword: {
enabled: true
},
});

Additional context

Afterward, users should be able to log in to accounts with different email addresses by binding social accounts without creating a new account.

Originally created by @hyoban on GitHub (Dec 17, 2024). ### Is this suited for github? - [X] Yes, this is suited for github ### To Reproduce 1. Create a user 2. Link a social account with a different email 3. `error=email_doesn%27t_match` shown in URL ### Current vs. Expected behavior Logged-in users should be able to link to social accounts in different emails ### What version of Better Auth are you using? 1.0.20 ### Provide environment information ```bash System: OS: macOS 15.2 CPU: (8) arm64 Apple M1 Pro Memory: 120.31 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 22.11.0 - ~/.n/bin/node Yarn: 1.22.19 - ~/.n/bin/yarn npm: 10.9.0 - ~/.n/bin/npm pnpm: 9.15.0 - ~/.n/bin/pnpm Watchman: 2024.12.02.00 - /opt/homebrew/bin/watchman Browsers: Safari: 18.2 ``` ### Which area(s) are affected? (Select all that apply) Backend ### Auth config (if applicable) ```typescript import { betterAuth } from "better-auth" export const auth = betterAuth({ emailAndPassword: { enabled: true }, }); ``` ### Additional context Afterward, users should be able to log in to accounts with different email addresses by binding social accounts without creating a new account.
GiteaMirror added the bug label 2026-03-13 07:45:02 -05:00
GiteaMirror commented 2026-03-13 07:45:03 -05:00
Author
Owner
Copy Link

@Bekacru commented on GitHub (Dec 17, 2024):

Better Auth currently works with only one specific email per user. It does not support multiple emails for a single user.

@Bekacru commented on GitHub (Dec 17, 2024): Better Auth currently works with only one specific email per user. It does not support multiple emails for a single user.
GiteaMirror commented 2026-03-13 07:45:04 -05:00
Author
Owner
Copy Link

@hyoban commented on GitHub (Dec 17, 2024):

I got it, thanks for your reply

@hyoban commented on GitHub (Dec 17, 2024): I got it, thanks for your reply
GiteaMirror commented 2026-03-13 07:45:04 -05:00
Author
Owner
Copy Link

@DIYgod commented on GitHub (Dec 20, 2024):

Is there a supported plan, or can we submit a PR to modify this design? It's common for users to use different emails on different platforms, I don't think this is a user-friendly design.

Additionally, there's a related issue: once a user changes their GitHub email, logging in with the same GitHub account will be recognized as a new account, and they will no longer be able to access their previous account.

@DIYgod commented on GitHub (Dec 20, 2024): Is there a supported plan, or can we submit a PR to modify this design? It's common for users to use different emails on different platforms, I don't think this is a user-friendly design. Additionally, there's a related issue: once a user changes their GitHub email, logging in with the same GitHub account will be recognized as a new account, and they will no longer be able to access their previous account.
GiteaMirror commented 2026-03-13 07:45:04 -05:00
Author
Owner
Copy Link

@daveycodez commented on GitHub (Dec 20, 2024):

Oof yea this is a pretty big one. Almost everyone I know uses different emails for some different providers. Connecting a provider shouldn't require a matching email, it should simply attach that provider to the user and prevent that provider from being added to any other accounts. I'll open a new issue if this stays closed, because this is an absolute requirement for an auth system.

Logging in with a provider should automatically connect it to an account that has a matching email, but adding providers to existing accounts manually should not enforce this.

@daveycodez commented on GitHub (Dec 20, 2024): Oof yea this is a pretty big one. Almost everyone I know uses different emails for some different providers. Connecting a provider shouldn't require a matching email, it should simply attach that provider to the user and prevent that provider from being added to any other accounts. I'll open a new issue if this stays closed, because this is an absolute requirement for an auth system. Logging in with a provider should automatically connect it to an account that has a matching email, but adding providers to existing accounts manually should not enforce this.
GiteaMirror commented 2026-03-13 07:45:04 -05:00
Author
Owner
Copy Link

@Bekacru commented on GitHub (Dec 20, 2024):

Is there a supported plan, or can we submit a PR to modify this design? It's common for users to use different emails on different platforms, I don't think this is a user-friendly design.

Managing multiple emails requires workarounds. It should probably be implemented as a plugin to avoid fundamental changes. But, if you have any ideas, I’m happy to take a look. Also open for a PR.

Additionally, there's a related issue: once a user changes their GitHub email, logging in with the same GitHub account will be recognized as a new account, and they will no longer be able to access their previous account.

yeah this should be reported separately. we should be able to link accounts based on the id returned from the provider.

@Bekacru commented on GitHub (Dec 20, 2024): > Is there a supported plan, or can we submit a PR to modify this design? It's common for users to use different emails on different platforms, I don't think this is a user-friendly design. Managing multiple emails requires workarounds. It should probably be implemented as a plugin to avoid fundamental changes. But, if you have any ideas, I’m happy to take a look. Also open for a PR. > Additionally, there's a related issue: once a user changes their GitHub email, logging in with the same GitHub account will be recognized as a new account, and they will no longer be able to access their previous account. yeah this should be reported separately. we should be able to link accounts based on the id returned from the provider.
GiteaMirror commented 2026-03-13 07:45:05 -05:00
Author
Owner
Copy Link

@mielsense commented on GitHub (Jan 14, 2025):

That plugin would be very clutch, as this is one of the most limiting factors to this almost perfect lib.

@mielsense commented on GitHub (Jan 14, 2025): That plugin would be very clutch, as this is one of the most limiting factors to this almost perfect lib.
GiteaMirror commented 2026-03-13 07:45:05 -05:00
Author
Owner
Copy Link

@D3visionNL commented on GitHub (Jan 17, 2025):

So this whole limitation exists because Better Auth does this:


if (link.email !== userInfo.email.toLowerCase()) {
    return redirectOnError("email_doesn't_match");
}

Because this seems fairly non-trivial for manual linking, I am working on a PR to create a config option to disable this check. I will update this comment with a link to it once I have created the PR. PR: #1238

@Bekacru am I missing or forgetting something or would this be a super simple way to fix this problem?

@D3visionNL commented on GitHub (Jan 17, 2025): So this whole limitation exists because Better Auth does this: ```js if (link.email !== userInfo.email.toLowerCase()) { return redirectOnError("email_doesn't_match"); } ``` Because this seems fairly non-trivial for manual linking, I am working on a PR to create a config option to disable this check. ~~I will update this comment with a link to it once I have created the PR.~~ PR: #1238 @Bekacru am I missing or forgetting something or would this be a super simple way to fix this problem?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#416
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?