Auth0's new Universal Login experience — including reimagined login flows, with a fresh UX design, and lightweight pages — is now generally available. Here is everything you need to know about this release.
First, What is Universal Login?
Universal Login authenticates users via a central authorization server. This contrasts with an embedded login flow, which relies on JavaScript libraries to perform authentication via cross-origin request. (You can find a more detailed explanation of universal vs. embedded login here.)
Universal Login benefits include:
- Simplified user experience
- Streamlined app integration
- Improved administration
- Increased authentication security, especially with 3rd party integrations and mobile apps
“Universal Login authenticates users via a central authorization server.”
Tweet This
Why Are We Updating Universal Login?
The new Universal Login experience allows us to provide a smoother login experience for you and your users while simplifying the development of future capabilities. The classic Universal Login experience based on Lock remains available for customers who wish to use it.
“The new Universal Login experience allows us to provide a smoother login experience for you and your users.”
Tweet This
What is New About the New Experience?
Here are the key improvements and additional capabilities available with the new Universal Login. We will be adding more over time:
Lightweight login pages
JavaScript is no longer required for login pages using the new Universal Login experience as the pages are rendered server-side. This drastically reduces the size of the page the end-user needs to load, resulting in lightweight pages that load quickly without consuming much bandwidth. In some cases, we see a nearly 80% reduction in page size from the classic Universal Login experience.
Redesigned flows for login, MFA, signup, and more
The fresh design for Universal Login pages and flows, combined with easy customization capabilities results in a unified, modern look and feel for your login pages. New flows can also be enabled in conjunction with existing classic Universal Login implementations. To see an interactive demonstration of the new flows visit flows.auth0.com.
Multiple authenticator support for multi-factor authentication
Customers can now enable support for multiple MFA authenticators. End users can now enable multiple MFA factors and then choose which one to use during the login process.
Language localization
All of the flows are fully localized in English, Spanish, German, French, Portuguese, Dutch, Norwegian, Swedish, Danish, Finnish, Chinese, Russian, Italian, and Japanese. Language can be determined via browser settings, a parameter in the /authorize endpoint, or tenant settings.
Email as an MFA factor
The ability to use a confirmed email address as a method for multi-factor authentication.
Improved consent flow
The consent flow now offers language localization, more branding customization options, and more descriptive text.
Device Flow
Device Flow is an OAuth 2.0 authorization flow designed for devices that either don’t have access to a browser or have limited input capabilities. Device Flow enables end-users to authorize such devices to access APIs (protected resources) provided the devices have an internet connection.
Successful password reset and email verification redirect
Now when a user successfully completes a password reset or verifies their email address, they will be redirected to the default tenant or application login URL, allowing them to quickly begin the login flow.
What features are on the Universal Login Roadmap?
We have a number of improvements in the works. We can share some of our future capabilities, but not all. Here are just a few things that are currently planned:
Editable text
The new Universal Login text can be customized for your needs.
Enhanced customization
Even further customization and enhancements for the look and feel for the Universal Login pages to generate an exceptional login experience.
Home Realm Discovery
Specifically for customers with an enterprise identity provider. Home Realm Discovery will allow users to enter their email in the login screen, which will then automatically detect the connection they should be authenticated with.
What Are the Limitations to the New Universal Login Experience?
There are currently a few limitations to the new Universal Login experience. Visit docs for an up-to-date list of the limitations.
How Do I Get Started?
To try the New Universal Login experience out, sign up for Auth0 for free and click on Universal Login in the management dashboard. For a quick, interactive demonstration of the new login flows, visit flows.auth0.com.
About Auth0
Auth0 by Okta takes a modern approach to customer identity and enables organizations to provide secure access to any application, for any user. Auth0 is a highly customizable platform that is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.
About the author
Andrew Akers
Product Marketing Manager