Is it possible to implement biometrics (fingerprint, FaceID, or TouchID) to authenticate with SSO? Our users like Auth0 and the added security but they still want to use biometrics to easily access their account through our app. We are using Java for Android and Swift for iOS with Universal Login.
My idea was to use Smart Lock with Android and KeyStore with iOS to store the user’s credentials during initial login within the app with authenticating with biometrics while at the same time authenticating the user with Auth0 bringing them into the app. On subsequent logins the user would just have to authenticate using biometrics which would send their saved creds to Auth0 to verify them bringing them into the app.
So far what I’ve read in the Android documentation mentions the use of biometrics to authenticate however I do remember reading documentation that stated this isn’t possible with SSO. Is that correct? Any help would be greatly appreciated.
Unfortunately got bad news for you. I researched through our stack and it seems that the only option we have in terms of biometrics is when using Swift SDK. Here’s the doc for that:
However i highly suggest filing in a feature request for that using our product feedback form here:
Unfortunately it’s not working with Passwordless and we don’t have support for Android. I know there are some works in progress but nothing public facing so far. I’ll let you know as soon as I have news on that front!
Are there any news regarding support for biometric login? I have a Xamarin Droid + iOS application and users are complaining about not being able to save passwords.
After reviewing the last two articles you have published and the corresponding articles mentioned in them, I have not found a solution to my problem.
My situation is that I have a mobile application, developed with Ionic, to which we want to integrate Auth0 authentication keeping the same look and feel of the login page.
But the problem is that if we want to customize the login page, the Auth0 dashboard doesn’t allow us to enable biometrics.
And with the other method, the MFA, it’s not exactly what we are looking for because we don’t want to incorporate another authentication factor but give the user the option to log in with username and password or with biometrics. Otherwise, we would have a change in the authentication flow that we do not want.
I still have some questions that I would like you to answer if you know the answer:
Regarding the biometrics described in the article ‘Enable fingerprint…’ Does those biometrics only work for iOs? or also for Android? Just to know, because if we decide to give up the custom log in at least know that it works for both operating systems.
Regarding the biometrics described in the article ‘Configure WebAuthn…’, do the biometrics only work for web applications opened from a browser or do they also work for native mobile applications (Android and iOs)?
Is there any other way to configure biometrics than one of the two options described in these two articles? With API management perhaps?
@konrad.sopala Auth0 have some method to generate a JWT Token to a user if i said it’s authenticated?I want to use the facial recognition solution itself in conjunction with auth0, maybe it was a login made only by email, or something like that after the successful verification in my internal system, is this possible?