Hello,
While implementing "sign in with" options for our application, I encountered an issue where, in scenarios where the OAuth2 OpenID verification method fails to return an email (e.g. OrcID), it becomes possible for this OAuth account to be linked to multiple user accounts. This situation leads to the accounts being saved in the database, which subsequently causes the server to return a 500 error upon future sign-ins due to the presence of two or more accounts associated with a single OAuth verification method.
To address this issue temporarily, I implemented a check to determine if the OAuth account already exists and prevent it from being linked to another user account at the database level. However, I believe that handling this behavior should be a built-in feature of FastAPI-Users.
I'm open to the possibility that I might have overlooked existing solutions or misunderstood the framework's capabilities, so I welcome any feedback or suggestions.
Best regards,
Dzima
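One way to enforce the database-level check described in the post, shown as an added example (not the poster's code and not part of FastAPI-Users): a uniqueness constraint on provider name plus provider account id, so a second link attempt fails at write time instead of surfacing as a 500 on a later sign-in. The table layout, function names and sample identity are constructed for illustration, with SQLite standing in for the application database.

```python
import sqlite3

class OAuthAccountAlreadyLinked(Exception):
    """The provider identity is already attached to a local user."""

def make_db(enforce_unique: bool) -> sqlite3.Connection:
    # Constructed schema for illustration; not FastAPI-Users' own tables.
    db = sqlite3.connect(":memory:")
    constraint = ", UNIQUE (oauth_name, account_id)" if enforce_unique else ""
    db.execute(
        "CREATE TABLE oauth_account ("
        " id INTEGER PRIMARY KEY,"
        " user_id INTEGER NOT NULL,"
        " oauth_name TEXT NOT NULL,"
        " account_id TEXT NOT NULL,"
        " account_email TEXT"  # nullable: some providers return no email
        f"{constraint})"
    )
    return db

def link_oauth_account(db, user_id, oauth_name, account_id, account_email=None):
    """Attach a provider identity to a local user, refusing a second owner."""
    try:
        with db:  # commits on success, rolls back on error
            db.execute(
                "INSERT INTO oauth_account"
                " (user_id, oauth_name, account_id, account_email)"
                " VALUES (?, ?, ?, ?)",
                (user_id, oauth_name, account_id, account_email),
            )
    except sqlite3.IntegrityError as exc:
        raise OAuthAccountAlreadyLinked(f"{oauth_name}:{account_id}") from exc

def users_for_identity(db, oauth_name, account_id):
    """Return every local user id that claims this provider identity."""
    rows = db.execute(
        "SELECT user_id FROM oauth_account"
        " WHERE oauth_name = ? AND account_id = ? ORDER BY user_id",
        (oauth_name, account_id),
    )
    return [row[0] for row in rows]

def demo(enforce_unique: bool):
    """Link one provider identity to two users; report (rejected, owners)."""
    db = make_db(enforce_unique)
    identity = ("orcid", "constructed-subject-id")  # constructed sample values
    link_oauth_account(db, 1, *identity)
    try:
        link_oauth_account(db, 2, *identity)  # same identity, different user
        return False, users_for_identity(db, *identity)
    except OAuthAccountAlreadyLinked:
        return True, users_for_identity(db, *identity)
```

Keying the constraint on the provider's account id rather than on the email keeps it effective when the provider returns no email at all.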