onMergeUseExisting property

bool onMergeUseExisting

Whether to keep or delete the current user when merging two users after an update.

When updating a user's email address or phone number and with addToUserLoginIds set to true, if another user in the the system already has the same email address or phone number as the one being added in their list of loginIds the two users are merged and one of them is deleted.

This scenario can happen when a user uses multiple authentication methods and ends up with multiple accounts. For example, a user might sign in with their email address at first. Then at some point later they reinstall the app and use OAuth to authenticate, and a new user account is created. If the user then updates their account and adds their email address the two accounts need to be merged.

Let's define the "updated user" to be the user being updated and whom the refreshJwt belongs to, and the "existing user" to be another user in the system with the same loginId.

By default, the updated user is kept, the existing user's details are merged into the updated user, and the existing user is then deleted.

If this option is set to true however then the updated user is merged into the existing user, and the updated user is deleted. In this case the DescopeSession and its refreshJwt that was used to initiate the update operation will no longer be valid, and an AuthenticationResponse is returned for the existing user instead.

Implementation

final bool onMergeUseExisting;