Auth0 WebAuthn Passwordless with Device Biometrics is Now Available

Passwordless is an authentication method that verifies a user using two factors, something they have and something they are. WebAuthn is a web standard for passwordless authentication.
Read more…

Brought to you by @andres.aguiar

Let us know if you have any questions on this front! :speech_balloon:


Is WebAuthn passwordless included in the Enterprise plan only? In the plan feature comparison chart “Passwordless” is included in eg. B2B Essential plan, but in the dashboard “Authentication Profile” page option Identifier First + Biometrics is labeled with “Enterprise”.

I really hope it is available on non-enterprise plan too. Very few sites support passwordless Webauthn yet (I know only Azure AD, which requires Microsoft Authenticator on mobile), and Auth0 could be a real frontrunner with this amazing technology.

Another question: is WebAuthn with roaming authenticator + PIN-code yet supported as passwordless authentication? Seems that it isn’t, which feels odd because security key + PIN-code is already working very well as second factor.

Pricing around MFA is overall very confusing. I cannot find anywhere what is included in Pro MFA and what is in Enterprise MFA. IO the pricing page, this box is suggesting that the whole WebAuthn is only included in Enterprise


On my dev-tenant, this box is suggesting the same

However, on prod-tenant is speaks only about Pro MFA. There is nothing stating that I cannot use WebAuthn with my current plan when I enable it.

Documentation gives this not-so-helpful hint:

Please clarify the pricing page. We had already enabled WebAuthn second factor on production, and now it seems that we had to disable it although some users may already have enrolled it.