My question: Can we expect the password reset flow, which currently seems to rely on email, to also be doable over phone/text? We have some users that don’t have personal emails and so accomplishing password resets over phone would be a better option.
As far as I can see, that is correct; phone_nember can be turned on as an identifier also without the accompanying email identifier for the database connection; so the user can use their phone number to reset the password.
I went through a test user login flow with the above setting, and after clicking “Forgot password?” on one of the New Universal Login screens, I can see Auth0 asks this question in the next screen:
To receive a call or SMS with the 6-digit password reset code, one needs to have a phone provider configured in their Auth0 tenant. I do not have it, so I can’t complete the flow, but if you have it configured, you should be able to go through the entire flow.
Do you have any other questions about the phone number identifier?