Link Multiple Auth Providers to an Account Using JavaScript

You can allow users to sign in to your app using multiple authentication providers by linking auth provider credentials to an existing user account. Users are identifiable by the same Firebase user ID regardless of the authentication provider they used to sign in. For example, a user who signed in with a password can link a Google account and sign in with either method in the future. Or, an anonymous user can link a Facebook account and then, later, sign in with Facebook to continue using your app.

Before you begin

Add support for two or more authentication providers (possibly including anonymous authentication) to your app.

Link federated auth provider credentials to a user account

To link credentials from an auth provider such as Google or Facebook to an existing user account:

1. Sign in the user using any authentication provider or method.
2. Get the AuthProvider object that corresponds to the provider you want to link to the user's account. Examples:

   var provider = new firebase.auth.GoogleAuthProvider();
   var provider = new firebase.auth.FacebookAuthProvider();
   var provider = new firebase.auth.TwitterAuthProvider();
   var provider = new firebase.auth.GithubAuthProvider();
   

3. Prompt the user to sign in with the provider you want to link. You can prompt your users to sign in either by opening a pop-up window or by redirecting to the provider's sign-in page. The redirect method is preferred on mobile devices.
   • To sign in with a pop-up window, call linkWithPopup:

     auth.currentUser.linkWithPopup(provider).then(function(result) {
       // Accounts successfully linked.
       var credential = result.credential;
       var user = result.user;
       // ...
     }).catch(function(error) {
       // Handle Errors here.
       // ...
     });
     

   • To sign in by redirecting to the provider's sign-in page, call linkWithRedirect:

     auth.currentUser.linkWithRedirect(provider);
     

     After the user signs in, they are redirected back to your page. Then, you can retrieve the sign-in result by calling getRedirectResult when your page loads:

     firebase.auth().getRedirectResult().then(function(result) {
       if (result.credential) {
         // Accounts successfully linked.
         var credential = result.credential;
         var user = result.user;
         // ...
       }
     }).catch(function(error) {
       // Handle Errors here.
       // ...
     });
     

   If the user is signed in successfully, the user's account with the provider is linked to the user's account in your Firebase project.

   Account linking will fail if the credentials are already linked to another user account. In this situation, you must handle merging the accounts and associated data as appropriate for your app:

   // Get reference to the currently signed-in user
   var prevUser = auth.currentUser;
   // Sign in user with another account
   auth.signInWithCredential(credential).then(function(user) {
     console.log("Sign In Success", user);
     var currentUser = user;
     // Merge prevUser and currentUser data stored in Firebase.
     // Note: How you handle this is specific to your application
   
     // After data is migrated delete the duplicate user
     return user.delete().then(function() {
       // Link the OAuth Credential to original account
       return prevUser.linkWithCredential(credential);
     }).then(function() {
       // Sign in with the newly linked credential
       return auth.signInWithCredential(credential);
     });
   }).catch(function(error) {
     console.log("Sign In Error", error);
   });
   

Link email address and password credentials to a user account

To add email address and password credentials to an existing user account:

1. Sign in the user using any authentication provider or method.
2. Prompt the user for an email address and new password.
3. Create an AuthCredential object with the email address and password:

   var credential = firebase.auth.EmailAuthProvider.credential(email, password);
   

4. Pass the AuthCredential object to the signed-in user's linkWithCredential method:

   
   firebase.auth().currentUser.linkWithCredential(credential).then(function(usercred) {
     var user = usercred.user;
     console.log("Account linking success", user);
   }, function(error) {
     console.log("Account linking error", error);
   });
   

   The call to linkWithCredential will fail if the credentials are already linked to another user account. In this situation, you must handle merging the accounts and associated data as appropriate for your app:

   // Get reference to the currently signed-in user
   var prevUser = auth.currentUser;
   // Sign in user with another account
   auth.signInWithCredential(credential).then(function(user) {
     console.log("Sign In Success", user);
     var currentUser = user;
     // Merge prevUser and currentUser data stored in Firebase.
     // Note: How you handle this is specific to your application
   
     // After data is migrated delete the duplicate user
     return user.delete().then(function() {
       // Link the OAuth Credential to original account
       return prevUser.linkWithCredential(credential);
     }).then(function() {
       // Sign in with the newly linked credential
       return auth.signInWithCredential(credential);
     });
   }).catch(function(error) {
     console.log("Sign In Error", error);
   });
   

Unlink an auth provider from a user account

You can unlink an auth provider from an account, so that the user can no longer sign in with that provider.

To unlink an auth provider from a user account, pass the provider ID to the unlink method. You can get the provider IDs of the auth providers linked to a user from the providerData property.

user.unlink(providerId).then(function() {
  // Auth provider unlinked from account
}).catch(function(error) {
  // An error happened
});