Passwordless with Universal Login

The Universal Login Experience supports Passwordless connections, which allow users to provide a phone number or email address, and then receive a one-time password (OTP) to complete authentication.

To configure Universal Login to support Passwordless connections, you'll need to set the Authentication Profile to use a supported login flow, and update your application to specify the connection during authentication.

In the Auth0 Dashboard, go to Authentication > Authentication Profile.

Select either Identifier First or Identifier First + Biometrics.

Depending on the type of connections you have enabled for your application, you may need to update your application to specify a Passwordless connection during login:

To specify a Passwordless connection during login, you must pass the connection parameter and its value (either sms or email) to the Auth0 Authentication API Login endpoint:

https://mytenant.us.auth0.com/authorize?client_id={id}&connection={sms|email}&scope=…&response_type=code&response_mode=query&state=…&redirect_uri=http%3A%2F%2Flocalhost%3A3000&code_challenge=…

If you are using one of our SDKs, you can specify a Passwordless connection during initialization. For example:

auth0 = await createAuth0Client({
     domain: config.domain,
     client_id: config.clientId,
     connection: "email"
  });

auth0 = await createAuth0Client({
     domain: config.domain,
     client_id: config.clientId,
     connection: "sms"
  });

When the user is prompted to enter their OTP, they'll see one of the following screens: