We are on Auth0 Enterprise with New Universal Login. We need biometric/fingerprint as the primary login factor (not MFA) with progressive enrollment — password on first login, fingerprint on all subsequent logins.We also need to keep our fully custom branded login page (custom header, footer, styles).What is the recommended approach to achieve both?
Hi @aravind.ps,
Welcome to the Auth0 Community!
In order to achieve your use case, you can configure your Database connection to use Passkeys as a primary authentication method. This approach allows you to progressively enroll your users by having them create a password during their first login, after which they will be prompted to create a passkey to use for all subsequent sessions via fingerprint or facial recognition. You can enable this behavior by toggling the Progressive Enrollment setting within your Passkey policy settings in the Auth0 Dashboard.
Configuring Passkeys comes with a few prerequisites, exampled in the above mentioned documentation. This requires your tenant to use the New Universal Login experience, which means you will need to ensure that the Classic Custom Login Page is disabled. While the New Universal Login experience is more structured than the Classic version, you can still fully customize the branding of your page to include your specific headers, footers, and styles. You can choose between different options presented in this article - Universal Login Page Customization, but my recommendation would be using Page Templates. Since you are on an Enterprise plan, Page Templates allow you to use Liquid syntax to wrap the Auth0 login widget in your own custom HTML, ensuring your brand identity remains consistent while leveraging modern biometric capabilities.
I hope this helps and if you have further questions please let me know!
Best regards,
Remus
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.