This is Django code, but likely clear enough so that it makes sense to read as pseudo-code:
def login(request):
params = {
'client_id': settings.AUTH0_CLIENT_ID,
'client_secret': settings.AUTH0_CLIENT_SECRET,
'connection': 'sms',
}
login_url = requests.Request(
'POST',
f'https://{settings.AUTH0_DOMAIN}/passwordless/start',
params=params,
).prepare().url
return redirect(login_url)
Which returns
"error": {
"message": "missing client parameter",
"oauthError": "invalid_request",
"type": "request-error"
},
in the logs, and
{"error":"bad.connection","error_description":"Missing required property: connection"}
in the browser.
Maybe I’m doing this wrong, but what I want to do is, from my regular web app, click a button that launches the Universal Login, and does the entire SMS send/code response flow on your servers, and then returns to me through a callback with a code/token that says “this user is authenticated”. What am I doing wrong if that’s my goal?
I am trying to do this entirely over phone and SMS. No email. JUST Passwordless sms