Passwordless Email Connection Limitations

Passwordless Email Connection Limitations

Keywords: passwordless email connection sms universal login lock embedded classic

Problem Statement: Passwordless option is not showing up on Universal Login or not functioning as expected.

Symptoms: User goes to log in and despite being enabled, passwordless login is not an option.

Steps to Reproduce:

  1. Admin creates passwordless connection and assigns it to an application.
  2. User attempts to login, but the default login prompting for email and password is displayed.

Causes: In a vast majority of cases, this is due to the fact that New Universal Login is enabled for which Email/SMS based passwordless login is not supported. See: New Universal Login vs. Classic Universal Login

Solution: New Universal Login does in fact support passwordless login - This is however only available for WebAuthn with Device Biometrics.

Should you wish to provide Email/SMS passwordless login for your users, there are 2 options:

  1. Universal Login + Lock (passwordless)
  2. Universal Login + Custom UI + Auth0.js

For more information on this, please see: Configure Email or SMS for Passwordless Authentication

Considerations:

  • It’s not possible to retrieve Refresh Tokens when using a Passwordless Magic Link via email, only an OTP.
  • Passwordless users are separate from any other connection in Auth0 and can only be created via the management API. For more on this, please see: Passwordless Connections
3 Likes