I'm working on an example application which shows how to use OAuth to login users into a web application. This is fairly straight forward if only one OAuth provider is allowed, but it becomes complicated if an application needs to access multiple OAuth services.<p>For example, assume an application allows users to login with Twitter and/or Dropbox. The first time the user comes to the site, he logs in with Twitter and a profile is created with his Twitter screen name. The second time he comes to the site he logs in using Dropbox and a new profile is created, because there is no way to determine this is the same person who logged in previously. Now the user has two different profiles.<p>It is possible for the user to login with Twitter and then provide his Facebook credentials to the application, and for the app to determine the user now has two profiles, but should the system enable the user to combine those profiles at that point? Depending on how complicated the profile information is, that could be a fairly significant task. What is the best way to rectify this?