Auth0 Home Blog Docs

Hosted login and passwordless security



For username/password login, I understand that a hosted login page has a lot of advantages, concerning mostly security and cors issues.
Using passwordless, the /authorize endpoint is not called anymore, so I was wondering what would be the cons of using a custom ui over a hosted login page when using only passwordless? We still have to send an email to the auth0 api to get a code/link, but to me it’s not as sensitive as a email/password combination.