Google Suite allows users to configure one time passwords for apps called App Passwords.
Is auth0 capable of using those kind of passwords?
If it is, what are the restrictions - as this doesn’t seem to work out of the box through with Authorization Code Grant Flow with PKCE?
Auth0 doesn’t support App Passwords, nor does it really need to, because Auth0 never receives your Google password either.
All that happens when you login with a Google account, is that Auth0 receives an access token, with the specific permissions requested by Auth0 and granted by the user. Users can revoke the access token at any time through their Google account settings.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.