Thirdparty App Authorization with Passwordless + Custom UI

Hi there,

We’ve been long time users of Auth0 and now we are trying to add a system where third-party developers can ask for resource access authorization on behalf of our existing users.

I’ve sifted through all the documentation on how to set this up and to some degree I’ve been successful but now I have 2 remaining issues I can’t seem to resolve.

1- For a long time, our users have been using the Passwordless connection to create accounts and sign in. Now with third party applications, I can’t seem to find a way to allow these users to login and authorize applications. The only connections that are available are database and social.

2- Ideally when a third party developer requires access to a users account, they’d kick that user to our /authorize endpoint. Now if the user has already logged into our SPA, we’d like to skip to the consent screen and not show the login flow again. Is this possible?

3- Is there any APIs we can use to build the whole consent UI in-house?

Thanks!

Hello maxop,

Great question, I am also looking to implement the same functionality and got stuck here. Did you find a way to implement it?

Also I would like to ask, how did you implement passwordless flow for your first-party application? Are you using the libraries or directly the authentication API?

We are currently calling authentication API directly from our backend server.
our clients (mobile app and web app) would send the client_id to the backend server, then backend server will append the client_secret and route the request to auth0 for authentication.

Not sure if this is the right way to approach? It would be great if you can share any suggessions?