We have a native app that we could secure through a passwordless (email connection).
We also have a need for users to log in to other applications and 3rd party apps (authorization code flow) via this same passwordless email connection.
When users attempt to log in to the above applications, could it be possible to somehow get the login OTP to display in their (logged in) native application instead of being sent to their email?
As of today, unfortunately, there is only an option to send OTP via SMS or email. Sending it via email is another layer of making sure the login attempt belongs to the right user, because the user needs to first log in to their email.
Only once the code is provided to the login screen is the login flow complete and the user is presented with the app.
I encourage you to submit a feature request via our Feedback post; this way it will reach our Product Managers, who would consider it from the perspective of security.
Anyway, please feel free to share your thoughts or follow-up questions here as well!