Introduction
The CoreOne Authentication User can have multiple references to the external users from external identity providers. He has the option to merge those accounts manually and automatically. Both processes are described here.
Auto Mergin
Whenever a user authenticates with an external identity provider and the authentication results in a user that is nor yet linked to any CoreOne Authentication User, the system either tries to auto merge it or, if no user can be determinated, renders the registration form.
In current versions only on auto merging type is supported. The auto merging is performed by comparing the claim http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
from the external token to the user claims in the system. If there is a matching claim, the two accounts will be automatically linked.
Manual Mergin
In the CoreOne Self-Service Portal the user has the option to merge his CoreOne Authentication Service User to any configured external identity provider. By selecting the provider and authenticating against it, the external identity provider and it’s user will be merged to the current user, whether the http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
matches the local email address or not.