Is it possible to configure Auth0 (Enterprise) to send the “with code” verification email instead of the “with link” email without coding an Action or customizing the universal login?
For a native app this would improve the “signup” UX.
Thanks,
– Bill
Hi @bill.white,
Thanks for reaching out to the Auth0 Community!
I understand that you’d like to configure your Passwordless Email authentication to use a code instead of a link.
Unfortunately, you will not be able to avoid customizing the Universal Login Page.
To accomplish this, you can define the passwordlessMethod to be code in your Universal Login Page. See below for an example:
var lock = new Auth0LockPasswordless(config.clientID, config.auth0Domain, {
passwordlessMethod: 'code',
...
});
After doing so, your app will be using the passwordless code method without implementing any external Actions.
Our documentation here goes into more depth on the Passwordless options: https://auth0.com/docs/libraries/lock#passwordless-options
Since you inquired about specifically not customizing the ULP, could you clarify why that may be required?
If applicable, note that it is possible to render the ULP page conditionally based on the clientID. Therefore, you could implement this logic specifically for your Native App.
Looking forward to hearing from you.
Thank you.
Thanks @rueben.tiow for this information.
From your response (which I’ll bookmark for later reference) I gather it’s not possible to configure the “verification with code” flow to be used with a “username & password” authentication setup. This would be a better UX for my native app users, because it would keep more of the user’s focus within the app instead of the browser view of the “magic link” destination URL.
Am I correct in this?
Hi @bill.white,
Thank you for your response.
My apologies for misunderstanding your use case. I believe what you are trying to accomplish is to send the Email Verification (using Code) after a user has signed up.
Unfortunately, this feature is not available out-of-the-box and is encouraged to use the Email Verification (using Link) method for verification.
However, if you decide that you must have email verification with code, then it’s possible to implement a new service to store that code and check if it’s the same code the user entered, and then calling the Management API to validate their email. In essence, this is how the Email Verification (using Link) works, and you will have to implement the logic for using code.
Not to mention, you will also need to use a Post-Login Action that invalidates users’ access from logging in until they have verified their email with the code, which is triggered as soon as they try to log in with a non-verified email address.
If you have some time, please take a moment to submit a Product Feedback to us. I believe that this is a valuable feature that many would find useful.
Please let me know if you have further questions. I’d be happy to help.
Thank you.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.