Using AWS SNS for Passwordless Authentication

Last Updated: Oct 1, 2024

Overview

A user is attempting to implement passwordless SMS using AWS SNS. They have done the following:

  1. Enabled passwordless SMS option
  2. Fetched connections using GET /api/v2/connections
  3. Attempted to set AWS SNS provider URL in the gateway_url parameter
  4. Invoked POST /passwordless/start

However, this results in an error:

{ "error": "sms_provider_error", "error_description": "Unexpected response while calling the SMS gateway: 404" }

Solution

It’s not possible to connect directly to SNS using the custom gateway option.

Instead, it’s necessary to configure a proxy that serves as the SMS gateway for Auth0 and sends the SMS via SNS on its behalf.

Here’s how to achieve this:

  1. Create a proxy application (e.g., AWS Lambda function) to handle API calls to AWS SNS on behalf of Auth0. This will serve as the SMS gateway.
  2. Configure a custom SMS gateway. To authenticate requests to the gateway, configure a symmetric secret.
  3. In the proxy, verify API tokens sent by Auth0. Here’s an example in Node.js using the jsonwebtoken library:

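const jwt = require('jsonwebtoken');
// '<symmetric secret>' is a placeholder for the secret configured in step 2.
jwt.verify(token, '<symmetric secret>', function(err, decoded) { if (err) throw err; console.log(decoded.foo) });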

  4. After token verification, use the AWS SDK to send SMS via SNS.
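The steps above as one proxy handler, shown as an added example that is not Auth0's or the original article's code. It assumes the token arrives as an HS256 JWT in an Authorization: Bearer header and that the JSON body carries recipient and body fields; the function names are hypothetical, the token check uses node:crypto in place of jsonwebtoken so it runs without dependencies, and sendSms is an injected function that in the Lambda would wrap the AWS SDK SNS publish call.

```javascript
const crypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Returns the decoded claims, or null if the token must be rejected.
function verifyGatewayToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token || '').split('.');
  if (parts.length !== 3) return null;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url'));
  } catch { return null; }
  // Pin the algorithm: never let the token itself select "none" or another alg.
  if (!header || !claims || header.alg !== 'HS256') return null;
  const expected = crypto.createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest();
  const given = Buffer.from(parts[2], 'base64url');
  // Constant-time comparison of the signature bytes.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof claims.exp === 'number' && claims.exp <= now) return null;
  return claims;
}

// Gateway entry point: authenticate first, then validate the body, then send.
async function handleGatewayRequest(event, secret, sendSms) {
  const h = event.headers || {};
  const auth = h.authorization || h.Authorization || '';
  const claims = auth.startsWith('Bearer ') ? verifyGatewayToken(auth.slice(7), secret) : null;
  if (!claims) return { statusCode: 401, body: 'invalid token' };
  let msg;
  try { msg = JSON.parse(event.body); } catch { return { statusCode: 400, body: 'bad json' }; }
  if (!msg || typeof msg.recipient !== 'string' || typeof msg.body !== 'string') {
    return { statusCode: 400, body: 'missing recipient or body' };
  }
  // PhoneNumber and Message are the SNS Publish parameters for a direct SMS.
  await sendSms({ PhoneNumber: msg.recipient, Message: msg.body });
  return { statusCode: 200, body: 'sent' };
}

// Constructed helper for local testing only: builds a signed token.
function signTestToken(claims, secret, alg = 'HS256') {
  const head = b64url(JSON.stringify({ alg, typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}
```

A request that fails verification gets a 401 before the body is parsed, so an unauthenticated caller cannot use the proxy to send SMS through the SNS account.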