Passwordless authentication is the process of self-identification by entering a mobile phone number or email address and receiving a one-time verification code via text or through Auth0's app, which can then be used to log in.
This service is provided by Auth0. When a user authenticates using a passwordless connection, they are really connecting via Auth0 as the Identity Provider (IdP). Since there's no way to make users constantly reuse the same methods of authentication without incurring an undue burden on them, it's common for a single user to end up with multiple user profiles connected to different providers.
Account linking leverages this fact by providing functionality that links multiple active accounts from the same identity provider into a single super account so that authorized requests will display data from all connected accounts.
- Go to https://manage.auth0.com,
- Click on the ‘Create application button’ in the 'Applications’ tab from the dashboard,
- Choose 'Single Page Web Applications’, add a name in the 'Name’ field and click 'Create'.
- Select the 'React Multi-factor’ option. You can now download the code folder and run it locally.
- Now, go to the 'Security’ tab on the dashboard and choose 'Multi-factor Auth’.
- On the 'Multi-factor authentication’ screen, scroll and enable the 'One-time Password’ option, then choose the option "Always" for Require Multi-factor Auth
- Back on the ‘Multi-factor authentication’ screen, scroll and click the ‘Phone Message’ option.
- Choose the ‘Custom’ option in the delivery provider and ‘SMS’ in the delivery method.
You have now created an application and enabled multi-factor authentication for the same.
- Go to the 'Auth Pipeline’ tab on the dashboard.
- On the 'Hooks’ page, create a 'Send Phone Message’ hook with the Gupshup API.
- Now, go to the 'Actions’ tab on the dashboard, and choose 'Flows’.
- On the 'Flows’ screen, choose the 'Send Phone Message’ option.
- Since the hook is already enabled, it will show on the screen. Make sure the hooks are mapped correctly.
Lastly, log in and check whether multi-factor authentication is enabled and you are getting a verification code on WhatsApp, as part of additional security.
Updated 2 months ago