Hello @ogonzalez
To prevent federated users from automatically registering in your application, you can implement an email verification process that requires all new users, including those who sign in with a federated identity provider, to verify their email address before they can access your application.
Here are the general steps you can take:
Implement an email verification process: When a new user signs up or signs in with a federated identity provider, send them an email containing a verification link or code. The user should be required to click on the link or enter the code in your application to verify their email address.
Require email verification for all new users: You can configure your application to require email verification for all new users, regardless of whether they sign up using a federated identity provider or not.
Store federated user information separately: If you don't want to automatically register federated users, you can store their information separately from regular users. When a federated user attempts to sign in, your application can check if their email address is already associated with an existing account. If it is, you can prompt the user to sign in with that account instead of creating a new one. CheckMyRota.com
Provide clear communication to users: Make sure that your application provides clear communication to users about the email verification process and why it's necessary. This can help to reduce confusion and ensure that users understand the steps they need to take to access your application.
Overall, implementing an email verification process and storing federated user information separately can help you control user registration in your application and ensure that only verified users can access your application.