Prevent automatic password prompt when passing login_hint to Universal Login with biometrics enabled

Feature: Prevent automatic password prompt when passing login_hint to Universal Login with biometrics enabled

Description: We have New Universal Login enabled with the Identifier First + Biometrics authentication profile selected. When login_hint is used to populate the user’s email address, they are automatically forwarded to the route u/login/password. This makes it show the password input field immediately, regardless of whether the user has biometrics configured. It would be better if this redirect did not happen at all, leaving the user at the u/user/identifier route so that when they click Continue, they are presented with the Biometric authentication prompt if they have biometrics configured, OR the password input if they don’t.

In other words, the login_hint parameter should not affect the screen the user lands on when opening the new universal login page. It still achieves its purpose of autofilling the username without disrupting other auth flows. Instead, perhaps the prompt parameter could be expanded to allow us to control which page the user lands on, such as ‘password’ or ‘biometrics’.

I can’t upvote this enough! I think Cadin did a great job describing this feature in a way that might be easy but still secure to implement, so hopefully this change can be prioritized, implemented, and released very quickly.

Not having this may cause us to back away from Auth0 and not sign a contract. It’s a small but very mighty issue that may force us to implement all authentication and biometrics features on our own 🙁

This feels like a defect, since we’re asking the users to enroll in WebAuthn and then not actually using their enrollment for their next authentication. We use the login_hint extensively across our applications and this is going to essentially make the recent WebAuthn enhancements useless for our users.