Achieving passwordless login with Auth0 Passwordless Connections function

Security business menu

Security business
HOME

To be elected
cause

Service

Handling Manufacturer

Examples/reports/
Blog/Glossary

Seminar/
video on demand

TOP

Products/Services

product
- Okta Workforce Identity Cloud
- Okta Customer Identity Cloud

Specifications/Technical Information

Specifications/Technical Information
- Workforce Identity Cloud Basic Setup Behavior Guide
- Customer Identity Cloud (Auth0) basic setup behavior guide

solution

solution
- Okta Solutions - Zero Trust with Okta

User stories

support

- Macnica Support

Seminar content

Document request

inquiry

Event/Seminar

video on demand

Okta

Octa

Introduction

By using Auth0's Passwordless Connections feature, you can achieve passwordless login with one-time codes (sent to SMS/email) and magic links (sent to email). This eliminates the need for users to register a password when registering an account.

This time, we will introduce the passwordless login operation when using the Passwordless Connections function, using the one-time code transmission by e-mail as an example.
As shown below, the login operation is completed by entering the one-time code sent to the email address specified by the user.

By eliminating the need to have the password itself, there are the following advantages.

Avoid password leaks
Reduce user abandonment by omitting troublesome password entry
Eliminates the need for password management (password reset, password hashing, storage processing, etc.), reducing management man-hours and costs

This page introduces the setting method and actual login behavior for passwordless authentication using Auth0's Passwordless Connections feature.

supplement

As a passwordless login realized by Auth0, there is also a method using WebAuthn. This requires password registration on the user side. For details, please refer to [Password-less login by Auth0 device biometric authentication].

Note that it is not possible to use both the Passwordless Connections function and the method using WebAuthn at the same time due to product specifications.
Configure Universal Login with Passwordless - Auth0 docs

premise

The information on functions and settings described on this pageis current as ofApril2023.

Notes

Please note the following when using the Passwordless Connections function.

1. Available authentication methods

Please select from the following three types.

Send one-time code by SMS:
Passwordless Authentication with SMS - Auth0 docs
Sending a one-time code by email:
Passwordless Authentication with Email - Auth0 docs
Sending magic links by email:
Passwordless Authentication with Magic Links - Auth0 docs

2. Available login screens

You need to use "New Universal Login ^*", "Classic Universal Login", and "Embedded Login" login screens.

*Supported as GA function from April 2023 (see below)

Achieving passwordless authentication using Okta CIC (Auth0) Passwordless Connection function (New Universal Login edition)

Setting Example

This section explains how to set up the Passwordless Connections function, taking as an example the sending of a one-time code by e-mail and the use of the Classic Universal Login screen. The flow of necessary settings is as follows.

0. Preparation

1. Enabling the Passwordless Connections feature

2. Change login page of Universal Login

From here, we will introduce the specific setting method.

0. Preparation

Please prepare the following before performing the following settings.

Mac OS or Windows PC
Installing Node.js, Node Package Manager
Issuing an Auth0 free trial account (Reference: [How to use Auth0 trial])
Preparing a sample application (Reference: [How to set up linkage between Auth0 and a sample application])

1. Enabling the Passwordless Connections feature

On the Auth0 admin screen, click [Authentication] > [Passwordless]

On the Auth0 admin screen, click [Authentication] > [Passwordless]

Enable Email

On the Settings tab, leave the default settings and click Save
*If you want to change the subject or body of the sent email, change it each time.

On the Settings tab, leave the default settings and click Save

On the Applications tab, enable the desired application and click Save

On the Applications tab, enable the desired application and click Save

2. Change login page of Universal Login

Use the login page template dedicated to Passwordless provided by Classic Universal Login.

On the Auth0 admin screen, click [Branding] > [Universal Login]

On the Auth0 admin screen, click [Branding] > [Universal Login]

In the Login tab, enable Customize Login Page

In the Login tab, enable Customize Login Page

In [Default Templates], select [Lock(Passwordless)] and move to the bottom of the screen

Under Default Templates, select Lock(Passwordless) and move to the bottom of the screen.

Click Save Changes

operation check

1. Access the sample application (http://localhost:3000) with a web browser and click [Log in].

2. On the login screen, enter your email address and click [SUBMIT].

3. Enter the one-time code included in the email sent to you on the login screen and click [SUBMIT].

4. Confirm that you were able to log in to the application

Confirm that you have successfully logged into the application

5. Confirm the user information on the Auth0 management screen

Check the user information on the Auth0 management screen

in conclusion

By using Auth0 's Passwordless Connections feature, you can easily implement passwordless logins that do not require password registration on the user side. Although there are some restrictions, please use the Passwordless Connections function, which improves usability and security for users.

If you are interested in passwordless authentication realized by Auth0, please contact us.

reference

Click here for a list of Customer Identity Cloud (Auth0) basic setting operation guides

Inquiry/Document request

In charge of Macnica Okta Co., Ltd.

inquiry Document request

TEL：045-476-2010
E-mail：okta@macnica.co.jp

Mon-Fri 8:45-17:30