Passwordless Authentication without the Authorize App step?

I am using:

  • Regular Web Application with nextjs-auth0
  • Passwordless connection to send a one-time password (OTP)

The OTP flow can be completed and the user can register/login with the one-time password received in their email.

However, during the sign-up process, after entering the one-time password, the new user is presented with the “Authorize App” step.

The message:

“[auth0-regular-web-app-name] is requesting access to your [auth0-tenant-name] account.”

This does not make sense from the user point of view, who is just copy-pasting an OTP from their email.

How can I avoid this happening?

Answering my own question for anybody who runs into the same issue.
In my specific case I had an API accessing Auth0 Management API (a Machine to Machine connection).
This also had to be enabled for Passwordless Connections and once that was done, the consent form was no longer coming up.
Passwordless Connections → Email → Applications (enable main RWA and whatever other connection your setup needs also)

1 Like

Thanks for following up with your solution! :smile:

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.