Passwordless with New Universal Login

New Universal Login users can now enable Passwordless Connections. Passwordless Connections enable end-users to sign up and login without a password.

Follow the steps below to enable Passwordless Connections with New Universal Login in your tenant.

In your dashboard, navigate to Authentication > Authentication Profile.

Choose either Identifier First or Identifier First + Biometrics.

In your dashboard, navigate to Authentication > Passwordless and enable SMS and/or email login.

Add your configuration information to the SMS or email login pages. Below is an example of the SMS Login configuration page.

On the Applications tab of your chosen connection option, enable your applications to use Passwordless.

To trigger the Passwordless flow, your application must specify the connection name in the authorization request with email or sms.

Below is an example of the Passwordless configuration settings you need to add to your application:

auth0 = await createAuth0Client({
     domain: config.domain,
     client_id: config.clientId,
     connection: "email"
  });

auth0 = await createAuth0Client({
     domain: config.domain,
     client_id: config.clientId,
     connection: "sms"
  });

This configuration passes the connection parameter to the /authorize endpoint similar to the URL construction below:

https://mytenant.us.auth0.com/authorize?client_id={id}&connection=sms&scope=…&response_type=code&response_mode=query&state=…&redirect_uri=http%3A%2F%2Flocalhost%3A3000&code_challenge=…

Your application can specify what type of Passwordless connection the application can use. In Classic Universal Login, you must customize the login prompt for all applications.

After you enable and configure Passwordless in your tenant, your users can sign up and login with a phone number or email. Your application then delivers an OTP code to the users device or email address.