Dear Auth0 Team,
I am exploring the feasibility of implementing the following passwordless login experience and would like your guidance on whether this is possible with Auth0:
- An after-care provider (whose email is already registered in my marketplace, but who might not yet have an account in Auth0) receives a custom link (URL?email=after@careprovider.com) to access a hospital’s patient file on our platform, secured by an Auth0 login.
- Upon clicking the “View File” link in the email:
  - Scenario 1: If the provider is already logged in, they are immediately shown the patient file.
  - Scenario 2: If the provider is not logged in, they are presented with a panel (= step 2 in the universal login - passwordless) to enter a one-time code, which was automatically sent to their known email address upon redirect when scenario 2 was detected.
  - Upon successful validation of the code, the patient file is displayed.
Could you please confirm if this flow can be implemented using Auth0? If so, I would appreciate any relevant documentation or guidance to help me get started.
Thank you for your assistance!
PS: I’m dealing with sensitive data - if this does not seem a secure way to send data (instead of using email attachments), please raise your concerns. In that case, I will find another solution.