I have an application where I am using the users from auth0, I create the users directly using M2M and then grant access using the resource owner endpoint to get the access token to be used around the application, in this case works perfectly, now I need to implement a frictionless way to grant access to the users, I don’t using any solution on the frontend for auth0 like Universal Login, we are using only M2M, so, my question is, can I implement passwordless flow using only M2M? I saw the passwordless/start endpoint but the code is always being sent to the email or phone through sms, is there a way to retrieve the code and implement my custom security validation, and then validates the code retrieved using the passwordless/verify to obtain the access_token for the user?
Welcome to the Auth0 Community!
Are you doing an embedded login page in your app? If so, you can use the Using Passwordless APIs to send users OTP and then exchange for a token.
I’m a bit confused about the description “we are using only M2M, so, my question is, can I implement passwordless flow using only M2M”.
Passwordless is a user-centric flow, and not a M2M scenario. M2M means there is no user involved.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.