Migration Guide for lock-passwordless to Lock v11 with Passwordless Mode

Single Sign-On with Auth0

The easiest and most secure way to implement passwordless authentication or Single Sign-on (SSO) with Auth0 is by using Universal Login for authentication. In fact, SSO is currently only possible on native platforms (like iOS or Android) if the application uses Universal Login. The Swift and Android quickstarts provide some examples of using Universal Login.

If you cannot use Universal Login with your application, review the following for additional info on embedded authentication:

SSO on first login

For SSO with Auth0, the Central Service is the Auth0 Authorization Server.

Let's look at an example of the SSO flow when a user logs in for the first time:

  1. Your application redirects the user to the login page.
  2. Auth0 checks to see whether there is an existing SSO cookie.
  3. Because this is the first time the user is visiting the login page and no SSO cookie is present, the user will be asked to log in using one of the connections you have configured.

  4. Once the user has logged in, Auth0 will set an SSO cookie and redirect the user to your application, returning an ID Token that contains identity information for the user.

SSO on subsequent logins

Let's look at an example of the SSO flow when a user returns to your website for a subsequent visit:

  1. Your application redirects the user to the login page.
  2. Auth0 checks to see whether there is an existing SSO cookie.
  3. Auth0 finds the SSO cookie, and if necessary, updates it. No login screen is shown.
  4. Auth0 redirects the user to your application, returning an ID Token that contains identity information for the user.

Check a user's SSO status

You can check a user's SSO status from an application by calling the checkSession method of the auth0.js SDK, which will attempt to silently authenticate the user within an iframe. Whether the authentication is successful or not indicates whether the user has an active SSO cookie.
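
An added example, not taken from the Auth0 documentation or SDK: one way to interpret the checkSession callback so that only a login_required error is read as "no SSO session", while other failures are kept apart. The helper names classifySilentAuth, checkSsoStatus and fakeWebAuth are hypothetical, and the sample callback values are constructed so the code runs offline.

```javascript
// Added example: interpret the outcome of auth0.js checkSession().
// These are standard OpenID Connect errors for silent (prompt=none) requests.
const NEEDS_PROMPT = new Set([
  'consent_required',     // the user must be shown a consent screen
  'interaction_required', // some other interactive step is needed
]);

// Pure function, so it can be tested without a browser or a tenant.
function classifySilentAuth(err, authResult) {
  if (err) {
    if (err.error === 'login_required') {
      return { sso: 'none', reason: err.error }; // no active SSO session
    }
    if (NEEDS_PROMPT.has(err.error)) {
      return { sso: 'needs_prompt', reason: err.error };
    }
    // Timeouts, blocked third-party cookies, network failures:
    // do not conclude "logged out" from these.
    return { sso: 'unknown', reason: err.error || 'error' };
  }
  if (authResult && (authResult.idToken || authResult.accessToken)) {
    const claims = authResult.idTokenPayload || {};
    return { sso: 'active', user: claims.sub || null };
  }
  return { sso: 'unknown', reason: 'empty_result' };
}

// webAuth is an auth0.WebAuth instance created elsewhere with your own
// domain, clientID, redirectUri and responseType (assumed, not shown).
function checkSsoStatus(webAuth, done) {
  webAuth.checkSession({}, (err, authResult) => done(classifySilentAuth(err, authResult)));
}

// Constructed stand-in for auth0.WebAuth: calls back with a fixed result.
function fakeWebAuth(err, authResult) {
  return { checkSession: (_options, cb) => cb(err, authResult) };
}

function demo() {
  const seen = [];
  const record = (status) => seen.push(status.sso);
  const ok = { idToken: 'constructed.jwt.value', idTokenPayload: { sub: 'auth0|constructed-user' } };
  checkSsoStatus(fakeWebAuth(null, ok), record);
  checkSsoStatus(fakeWebAuth({ error: 'login_required' }), record);
  checkSsoStatus(fakeWebAuth({ error: 'consent_required' }), record);
  checkSsoStatus(fakeWebAuth({ error: 'timeout' }), record);
  return seen;
}
console.log(demo());
```

Treating every error as "logged out" would sign users out of the application on a transient failure, which is why the unknown case is kept separate.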
