Auth0 Home Blog Docs

Credentials with passwordless authentication

Hi.

I’m trying to make the app with passwordless authentication.

App calls ‘startPasswordless’ to receive a magic link.

authentication
.startPasswordless(email: email, type: .WebLink)
.start { result in

For the passwordless I’ve setup the scope:

“openid profile offline_access email”

Everything works fine, I’m getting an email that can be opened in the app. And use received access_token to retrieve a profile.

The problem is that clicking /passwordless/verify_redirect link in the email that opens the app, I’m only getting a short version of an access_token and expires_in value.

So there is no way to create full Credentials(with long JWT and refresh token) object and store it to the keychain for Touch/Face ID for further usage using CredentialsManager.store method

Is there a way to setup passwordless and receive Credentials object without using Auth0 lock or web Auth? Or maybe get Credentials by using that short access token?