https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> On login, how can I link upstream i...
# ory-copilot
f
@chilly-king-10285 On login, how can I link upstream identities (such as Google profile) with an existing Ory Identities identity ?
b
A message from kapa.ai
New message text here
f
@chilly-king-10285 which field of the configuration do I need to change to allow that?
b
A message from kapa.ai
To enable automatic linking of upstream identities (such as Google profiles) with existing Ory Identities accounts during login, you do not need to set a specific configuration field to "enable" this feature—Ory handles this flow by default when you have both password and OIDC (social sign-in) methods enabled and properly configured. The relevant configuration is to ensure both methods are enabled in your Ory Identities configuration:
Copy code
yaml selfservice:   methods:     password:       enabled: true     oidc:       enabled: true
You must also configure your OIDC providers under the 
oidc
method. For example, for Google:
Copy code
yaml selfservice:   methods:     oidc:       config:         providers:           - id: google             provider: google             client_id: "YOUR_CLIENT_ID"             client_secret: "YOUR_CLIENT_SECRET"             mapper_url: "base64://{YOUR_BASE64_ENCODED_JSONNET_HERE}"             scope:               - email               - profile       enabled: true
With this setup, Ory will automatically prompt users to authenticate with their password if they attempt to log in with a social provider using an email that already exists in your system, and then link the accounts upon successful authentication. There is no additional field required to enable this behavior—it is the default when both methods are active and the provider is configured[User account linking](https://www.ory.sh/docs/kratos/social-signin/link-multiple-provider-account/). If you want to allow users to manually link or unlink providers, ensure the 
oidc
method is enabled for the settings flow as well:
Copy code
yaml selfservice:   methods:     oidc:       enabled: true   flows:     settings:       # ... other settings
[Settings and profile updates](https://www.ory.sh/docs/kratos/self-service/flows/user-settings/) Summary: - Enable both 
password
and 
oidc
methods in your configuration. - Properly configure your OIDC providers. - No extra field is required to enable automatic linking; it is handled by Ory when both methods are enabled.
Open in Slack
PreviousNext
Powered by