How to create a passwordless magic link in advance? (Auth by link)

asiamov · May 8, 2020, 4:57pm

Hey all!

So I’ve been wondering how and if I could implement a particular authentication flow with auth0.

Let’s say we have a system where the only way to really authenticate and match a user to our database is when we send a (physical, paper) invoice.
Would it be possible to generate a link/QR code that can be used to log in a user?

With passwordless the user gets a mail/sms with an OTP. But in this case it’s like the OTP already has been pregenerated.

Or would it be wiser to generate a special registration URL which then starts a passwordless flow in which the identity is already confirmed somehow?

I couldn’t really find a way for something like this in the docs so if anybody has an idea I’d be happy to hear it!

asiamov · May 15, 2020, 1:59pm

So I’ve come up with a somewhat(?) viable solution.

What do you think, could that work?

Generate a password reset link via the management API
Encode that in a QR code
User scans code, sets password
return URL includes auth0 user ID → user may update auth0 account with e-Mail
log in user

Would all be easier if we had emails for those users but we don’t always.

Topic		Replies	Views
Generate passwordless login url without sending SMS/Email? Help passwordless	6	3346	February 23, 2021
Sending Login Link to Users by email Help jwt , auth0 , passwordless , login , magic-link , passwordless-email	2	3567	December 21, 2022
Magic link and OTP Help configuration , application	0	974	February 3, 2023
Create magic link using management API Help passwordless	1	3439	February 8, 2022
Passwordless authentication with QR Code Help login-experience , new-universal-login-experience	2	463	April 22, 2024

How to create a passwordless magic link in advance? (Auth by link)

Related Topics