Edit (3 hours after written) - Rewrote my post to clear up confusion after a reply made me realize it was confusing as written.
It is my understanding that Discourse primarily uses a standard username and password setup where users register with a username and password to create an account.
It is also possible to create an account that still has a username but instead of a password, it uses a third party service for authentication of the account.
It seems this can be via well known services like Google, Facebook, Twitter, etc. and custom single sign-on setups for a site with an existing authentication structure.
I have a few questions related to this behavior:
1. Can an account’s authentication method be changed after it’s created?
Just from looking at the account page for a user, it appears the answer is no.
Which leads me to wonder if so what happens if the user deletes their account on the authentication service to the Discourse account.
Like the user creates a Discourse account that uses authentication via Twitter and later deletes their Twitter account.
Does this mean the user can no longer log in to there Discourse account?
In a situation where the authentication method is a password, it can be reset, I have no idea what happens if the authentication method no longer works.
2. If a user uses another authentication method, can they be automatically logged in upon visiting the Discourse site?
I’m mainly curious in regards to using a custom sign-on setup but I would also be interested to know if this could be done with one like Facebook.