Passwordless with Universal Login
Before you start
Configure a Passwordless connection. To learn how, read the following articles:
The Universal Login Experience supports Passwordless connections, which allow users to provide a phone number or email address, and then receive a one-time password (OTP) to complete authentication.
Enable Passwordless for Universal Login
To configure Universal Login to support Passwordless connections, you'll need to set the Authentication Profile to use a supported login flow, and update your application to specify the connection during authentication.
Enable Identifier First
In the Auth0 Dashboard, go to Authentication > Authentication Profile.
Select either Identifier First or Identifier First + Biometrics.
Update your application
Depending on the type of connections you have enabled for your application, you may need to update your application to specify a Passwordless connection during login:
Database connection | Passwordless connection | Need to specify? | User experience |
---|---|---|---|
Yes | SMS and/or Email | Yes | Specified Passwordless connection is presented during login. |
No | SMS and Email | No | Passwordless connection that was created first is presented. |
No | SMS or Email | No | Passwordless connection is presented (along with any enabled Social connections) during login. |
To specify a Passwordless connection during login, you must pass the connection
parameter and its value (either sms
or email
) to the Auth0 Authentication API Login endpoint:
https://mytenant.us.auth0.com/authorize?client_id={id}&
connection={sms|email}
&scope=…&response_type=code&response_mode=query&state=…&redirect_uri=http%3A%2F%2Flocalhost%3A3000&code_challenge=…
If you are using one of our SDKs, you can specify a Passwordless connection during initialization. For example:
auth0 = await createAuth0Client({
domain: config.domain,
client_id: config.clientId,
connection: "email"
});
auth0 = await createAuth0Client({
domain: config.domain,
client_id: config.clientId,
connection: "sms"
});
Was this helpful?
Test the connection
When the user is prompted to enter their OTP, they'll see one of the following screens: