supertokens · sattvikc · Nov 27, 2025 · Nov 27, 2025 · Dec 11, 2025 · Dec 12, 2025
diff --git a/downloader/implementationDependencies.json b/downloader/implementationDependencies.json
@@ -0,0 +1,5 @@
+{
+"_comment": "Contains list of implementation dependencies URL for this project. This is a generated file, don't modify the contents by hand.",
+"list": [
+]
+}
diff --git a/ee/implementationDependencies.json b/ee/implementationDependencies.json
@@ -0,0 +1,25 @@
+{
+"_comment": "Contains list of implementation dependencies URL for this project. This is a generated file, don't modify the contents by hand.",
+"list": [
+	{
+		"jar":"https://repo.maven.apache.org/maven2/com/google/code/gson/gson/2.13.1/gson-2.13.1.jar",
+		"name":"gson 2.13.1",
+		"src":"https://repo.maven.apache.org/maven2/com/google/code/gson/gson/2.13.1/gson-2.13.1-sources.jar"
+	},
+	{
+		"jar":"https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.38.0/error_prone_annotations-2.38.0.jar",
+		"name":"error_prone_annotations 2.38.0",
+		"src":"https://repo.maven.apache.org/maven2/com/google/errorprone/error_prone_annotations/2.38.0/error_prone_annotations-2.38.0-sources.jar"
+	},
+	{
+		"jar":"https://repo.maven.apache.org/maven2/org/jetbrains/annotations/13.0/annotations-13.0.jar",
+		"name":"annotations 13.0",
+		"src":"https://repo.maven.apache.org/maven2/org/jetbrains/annotations/13.0/annotations-13.0-sources.jar"
+	},
+	{
+		"jar":"https://repo.maven.apache.org/maven2/com/auth0/java-jwt/4.0.0/java-jwt-4.0.0.jar",
+		"name":"java-jwt 4.0.0",
+		"src":"https://repo.maven.apache.org/maven2/com/auth0/java-jwt/4.0.0/java-jwt-4.0.0-sources.jar"
+	}
+]
+}
diff --git a/src/main/java/io/supertokens/authRecipe/AuthRecipe.java b/src/main/java/io/supertokens/authRecipe/AuthRecipe.java
@@ -27,6 +27,7 @@
 import io.supertokens.pluginInterface.StorageUtils;
 import io.supertokens.pluginInterface.authRecipe.AuthRecipeUserInfo;
 import io.supertokens.pluginInterface.authRecipe.LoginMethod;
+import io.supertokens.pluginInterface.authRecipe.exceptions.AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException;
 import io.supertokens.pluginInterface.authRecipe.sqlStorage.AuthRecipeSQLStorage;
 import io.supertokens.pluginInterface.bulkimport.BulkImportUser;
 import io.supertokens.pluginInterface.bulkimport.exceptions.BulkImportBatchInsertException;
@@ -286,12 +287,34 @@ private static CanLinkAccountsResult canLinkAccountsHelper(TransactionConnection
         tenantIds.addAll(recipeUser.tenantIds);
         tenantIds.addAll(primaryUser.tenantIds);
 
-        checkIfLoginMethodCanBeLinkedOnTenant(con, appIdentifier, authRecipeStorage, tenantIds, recipeUser.loginMethods[0], primaryUser);
+        Set<String> emails = new HashSet<>();
+        Set<String> phoneNumbers = new HashSet<>();
+        Set<LoginMethod.ThirdParty> thirdParties = new HashSet<>();
 
-        for (LoginMethod currLoginMethod : primaryUser.loginMethods) {
-            checkIfLoginMethodCanBeLinkedOnTenant(con, appIdentifier, authRecipeStorage, tenantIds, currLoginMethod, primaryUser);
+        for (var lm : primaryUser.loginMethods) {
+            if (lm.email != null) {
+                emails.add(lm.email);
+            }
+            if (lm.phoneNumber != null) {
+                phoneNumbers.add(lm.phoneNumber);
+            }
+            if (lm.thirdParty != null) {
+                thirdParties.add(lm.thirdParty);
+            }
+        }
+        for (var lm : recipeUser.loginMethods) {
+            if (lm.email != null) {
+                emails.add(lm.email);
+            }
+            if (lm.phoneNumber != null) {
+                phoneNumbers.add(lm.phoneNumber);
+            }
+            if (lm.thirdParty != null) {
+                thirdParties.add(lm.thirdParty);
+            }
         }
 
+        authRecipeStorage.checkIfLoginMethodsCanBeLinked_Transaction(con, appIdentifier, tenantIds, emails, phoneNumbers, thirdParties, _primaryUserId);
         return new CanLinkAccountsResult(recipeUser.getSupertokensUserId(), primaryUser.getSupertokensUserId(), false);
     }
 
@@ -707,61 +730,8 @@ private static CreatePrimaryUserResult canCreatePrimaryUserHelper(TransactionCon
         // this means that the user has only one login method since it's not a primary user
         // nor is it linked to a primary user
         assert (targetUser.loginMethods.length == 1);
-        LoginMethod loginMethod = targetUser.loginMethods[0];
-
-        for (String tenantId : targetUser.tenantIds) {
-            if (loginMethod.email != null) {
-                AuthRecipeUserInfo[] usersWithSameEmail = authRecipeStorage
-                        .listPrimaryUsersByEmail_Transaction(appIdentifier, con,
-                                loginMethod.email);
-                for (AuthRecipeUserInfo user : usersWithSameEmail) {
-                    if (!user.tenantIds.contains(tenantId)) {
-                        continue;
-                    }
-                    if (user.isPrimaryUser) {
-                        throw new AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException(
-                                user.getSupertokensUserId(),
-                                "This user's email is already associated with another user ID");
-                    }
-                }
-            }
-
-            if (loginMethod.phoneNumber != null) {
-                AuthRecipeUserInfo[] usersWithSamePhoneNumber = authRecipeStorage
-                        .listPrimaryUsersByPhoneNumber_Transaction(appIdentifier, con,
-                                loginMethod.phoneNumber);
-                for (AuthRecipeUserInfo user : usersWithSamePhoneNumber) {
-                    if (!user.tenantIds.contains(tenantId)) {
-                        continue;
-                    }
-                    if (user.isPrimaryUser) {
-                        throw new AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException(
-                                user.getSupertokensUserId(),
-                                "This user's phone number is already associated with another user" +
-                                        " ID");
-                    }
-                }
-            }
-
-            if (loginMethod.thirdParty != null) {
-                AuthRecipeUserInfo[] usersWithSameThirdParty = authRecipeStorage
-                        .listPrimaryUsersByThirdPartyInfo_Transaction(appIdentifier, con,
-                                loginMethod.thirdParty.id, loginMethod.thirdParty.userId);
-                for (AuthRecipeUserInfo userWithSameThirdParty : usersWithSameThirdParty) {
-                    if (!userWithSameThirdParty.tenantIds.contains(tenantId)) {
-                        continue;
-                    }
-                    if (userWithSameThirdParty.isPrimaryUser) {
-                        throw new AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException(
-                                userWithSameThirdParty.getSupertokensUserId(),
-                                "This user's third party login is already associated with another" +
-                                        " user ID");
-                    }
-                }
-            }
-        }
-
 
+        authRecipeStorage.checkIfLoginMethodCanBecomePrimary_Transaction(appIdentifier, con, targetUser.loginMethods[0]);
 
         return new CreatePrimaryUserResult(targetUser, false);
     }
@@ -945,7 +915,7 @@ public static CreatePrimaryUserResult createPrimaryUser(Main main,
             return authRecipeStorage.startTransaction(con -> {
 
                 try {
-                        CreatePrimaryUserResult result = canCreatePrimaryUserHelper(con, appIdentifier, authRecipeStorage,
+                    CreatePrimaryUserResult result = canCreatePrimaryUserHelper(con, appIdentifier, authRecipeStorage,
                             recipeUserId);
                     if (result.wasAlreadyAPrimaryUser) {
                         return result;

diff --git a/...s/authRecipe/exception/AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException.java b/...s/authRecipe/exception/AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException.java
diff --git a/src/main/java/io/supertokens/bulkimport/BulkImport.java b/src/main/java/io/supertokens/bulkimport/BulkImport.java
@@ -20,7 +20,7 @@
 import io.supertokens.Main;
 import io.supertokens.ResourceDistributor;
 import io.supertokens.authRecipe.AuthRecipe;
-import io.supertokens.authRecipe.exception.AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException;
+import io.supertokens.pluginInterface.authRecipe.exceptions.AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException;
 import io.supertokens.authRecipe.exception.InputUserIdIsNotAPrimaryUserException;
 import io.supertokens.authRecipe.exception.RecipeUserIdAlreadyLinkedWithAnotherPrimaryUserIdException;
 import io.supertokens.authRecipe.exception.RecipeUserIdAlreadyLinkedWithPrimaryUserIdException;

diff --git a/src/main/java/io/supertokens/inmemorydb/Start.java b/src/main/java/io/supertokens/inmemorydb/Start.java
@@ -25,6 +25,7 @@
 import io.supertokens.pluginInterface.*;
 import io.supertokens.pluginInterface.authRecipe.AuthRecipeUserInfo;
 import io.supertokens.pluginInterface.authRecipe.LoginMethod;
+import io.supertokens.pluginInterface.authRecipe.exceptions.AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException;
 import io.supertokens.pluginInterface.authRecipe.sqlStorage.AuthRecipeSQLStorage;
 import io.supertokens.pluginInterface.bulkimport.BulkImportStorage;
 import io.supertokens.pluginInterface.dashboard.DashboardSearchTags;
@@ -1328,6 +1329,29 @@ public boolean doesUserIdExist_Transaction(TransactionConnection con, AppIdentif
         }
     }
 
+    @Override
+    public void checkIfLoginMethodCanBecomePrimary_Transaction(AppIdentifier appIdentifier, TransactionConnection con,
+                                                               LoginMethod loginMethod) throws
+            AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException, StorageQueryException {
+        // TODO
+    }
+
+    @Override
+    public void checkIfLoginMethodsCanBeLinked_Transaction(TransactionConnection con, AppIdentifier appIdentifier,
+                                                           Set<String> tenantIds, Set<String> emails,
+                                                           Set<String> phoneNumbers,
+                                                           Set<LoginMethod.ThirdParty> thirdParties,
+                                                           String primaryUserId)
+            throws AccountInfoAlreadyAssociatedWithAnotherPrimaryUserIdException, StorageQueryException {
+        // TODO
+    }
+
+    @Override
+    public void addTenantIdToPrimaryUser_Transaction(TenantIdentifier tenantIdentifier, TransactionConnection con,
+                                                     String supertokensUserId) {
+        // TODO
+    }
+
     @Override
     public void updateLastActive(AppIdentifier appIdentifier, String userId) throws StorageQueryException {
         try {