We have implemented Auth0 passwordless login for our app, but recently we are running an user-experience issue with mobile devices and Webview.
Here is an example workflow…
- Web app sent an transaction email to user with a private url and view an item.
- User opens that email in their mobile gmail app, and click on the link.
- The gmail app will open the private url in the Android WebView, which then redirect user to login.
- User then types in their email to receive a login “code” or “magic link”.
- Here is the problem - in order for user to copy/paste the code or to click on the magic link, they will need to navigate out of the Android WebView to go back to the gmail app, which cause the user to lose reference to the private url.
And since there is no way to avoid WebView programmatically, is there another way to workaround this type of scenario?
- Is there a way via Auth0.webauth to generate a login URL, so we can embed that in the email?
- Or is there another way to login w/o sending a “Code” or “Magic link”?
We really like Auth0, but this could be a deal breaker where we have to rethink about our authentication flow.