1. why customers have the options to remove their external authentication record ? there should be a setting allow admin to ignore that.
2. main problem Registered customers or customers who removed the external record and wishes to login with facebook, the system returns an message: "email already exists" and block the login.
I think in this case the system should create an external authentication record on the existing customer account and let the customer proceed with the facebook login.
my suggestion is let customers create and external record on an existing registered account
2. They can associate with an existing account. First, they have to login using email and password (internal). Then, try to login using Facebook. So we just have to create a better intructions (not just "email already exists"). For example, tell them that if they want to associate an existing customer account with Facebook record, then they should be logged in. Here is a work item
They can associate with an existing account. First, they have to login using email and password (internal). Then, try to login using Facebook. So we just have to create a better intructions (not just "email already exists"). For example, tell them that if they want to associate an existing customer account with Facebook record, then they should be logged in. Here is a work item
Thanks Why? Why should they login internal, we already "agreed" that we "trust" facebook authentication, I dont see any reason for that process. in my opinion, in the above case, customers should be logged in automatically
Provides access to the person's primary email address via the email property on the user object.
Do not spam users. Your use of email must comply with both Facebook policies and with the CAN-SPAM Act.
Note, even if you request the email permission it is not guaranteed you will get an email address. For example, if someone signed up for Facebook with a phone number instead of an email address, the email field may be empty.
Review Your app may use this permission without review from Facebook.
Provides access to the person's primary email address via the email property on the user object.
Do not spam users. Your use of email must comply with both Facebook policies and with the CAN-SPAM Act.
Note, even if you request the email permission it is not guaranteed you will get an email address. For example, if someone signed up for Facebook with a phone number instead of an email address, the email field may be empty.
Review Your app may use this permission without review from Facebook.
Users who are registered by their phone number not by email, in that case Facebook dont provide email address. In that case we have to change logic for Facebook authentication
We have added detailed instructions for the "email already exists" error on external authentication. You can see the changes in this commit. Thanks for the suggestion.