fusionauth-issues icon indicating copy to clipboard operation
fusionauth-issues copied to clipboard
verified publisher icon FusionAuth

Ability to use code for passwordless

Open mooreds opened this issue 2 years ago • 3 comments

Ability to use code for passwordless

Problem

For completeness of the passwordless feature, it'd be great to be able to use a code for passwordless rather than a magic link.

This also gets around all the issues with #629 .

Solution

  • user wants to log in using passwordless
  • after submission, user is shown a page with N text boxes on it
  • user gets a N digit code emailed
  • user enters N digit code
  • user is logged in

Some of this is already built (you can set the passwordless/magic link code to be N characters right now, and modify the passwordless template to show the characters instead of having a link). But the entry page would need to be built.

Alternatives/workarounds

Use magic links.

Additional context

Came up on a prospective customer's call.

Internal: https://inversoft.slack.com/archives/C051S8N8E/p1702679227972979

Example of this from a different provider.

Screenshot 2023-12-15 at 4 06 51 PM

Related

  • https://github.com/FusionAuth/fusionauth-issues/issues/629
  • https://github.com/FusionAuth/fusionauth-issues/issues/1552

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

mooreds avatar Dec 15 '23 23:12 mooreds

This is possible today. The Passwordless API is de-coupled from email. But if you want to use FusionAuth as the transport, or use this feature in the FusionAuth hosted pages, you are limited to email.

robotdan avatar Dec 20 '23 16:12 robotdan

I think this is mostly a duplicate of https://github.com/FusionAuth/fusionauth-issues/issues/1552?

robotdan avatar Dec 20 '23 16:12 robotdan

I don't think so, @robotdan . #1552 seems to be about the delivery method (SMS) whereas this issue is about the code entry method (clicking a link [current] vs entering a 4-6 digit number [what this issue discusses]).

mooreds avatar Dec 20 '23 17:12 mooreds

I think this will be possible by way of changes made for https://github.com/FusionAuth/fusionauth-issues/issues/1.

robotdan avatar Dec 05 '24 00:12 robotdan

This is now possible for a phone number identity with the changes made for https://github.com/FusionAuth/fusionauth-issues/issues/1.

However, email identity only supports a clickable link vs entering a 4-6 digit number that was sent via email.

An idea would be for passwordless to have a Verification Strategy much like the Tenant->Identities->Identity verification settings->Verification Strategy of Clickable link or Form field

mrudatsprint avatar Aug 26 '25 22:08 mrudatsprint