Hosted login and passwordless security

For username/password login, I understand that a hosted login page has a lot of advantages, concerning mostly security and cors issues.
Using passwordless, the /authorize endpoint is not called anymore, so I was wondering what would be the cons of using a custom ui over a hosted login page when using only passwordless? We still have to send an email to the auth0 api to get a code/link, but to me it’s not as sensitive as a email/password combination.


Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?