Lock Android v2 Passwordless
Lock Passwordless authenticates users by sending them an Email or SMS with a one-time password that the user must enter and confirm to be able to log in, similar to how WhatsApp authenticates you. This article will explain how to send a CODE using the
In order to be able to authenticate the user, your application must have the Email/SMS connection enabled and configured in your Auth0 Dashboard.
Implementing CODE Passwordless
app/build.gradle file add the Manifest Placeholders for the Auth0 Domain and the Auth0 Scheme properties which are going to be used internally by the library to register an intent-filter that captures the callback URI.
It's a good practice to define reusable resources like
@string/com_auth0_domain but you can also hard code the value to
YOUR_DOMAIN in the file.
Next, modify the
AndroidManifest.xml file. Add the
android.permission.INTERNET permission to allow Lock to make requests to the Auth0 API.
PasswordlessLockActivity. Depending on which passwordless connection you need to handle, the
data attribute of the intent-filter will differ:
data attribute of the intent-filter defines which syntax of "Callback URI" your app is going to capture. In the above case it's going to capture calls from
sms passwordless connection, the
pathPrefix would end in
In case you are using an older version of Lock for Social Authentication, the data attribute that captures the "/callback" redirect URI inside the intent-filter must be added to the
PasswordlessLockActivity by you.
Make sure the Activity's
launchMode is declared as
singleTask or the result won't come back in the authentication.
When the Passwordless connection is SMS you must also add the
CountryCodeActivity to allow the user to change the Country Code prefix of the phone number.
In any of your activities, you need to initialize
PasswordlessLock and tell it to send a CODE. We'll indicate this by calling the
Finally, just start
PasswordlessLock from inside your activity and perform the login.
Depending on which passwordless connections are enabled, Lock will send the CODE in an Email or SMS. The 'email' connection is selected first if available. Then the user must input the CODE in the confirmation step. If the value equals to the one the server is expecting, the authentication will be successful.