Add passwordless #8127
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,150 @@ | ||
| import { getCustomStaticPath } from '@/utils/getCustomStaticPath'; | ||
|
|
||
| export const meta = { | ||
| title: 'Passwordless', | ||
| description: 'Learn how to configure passwordless sign-in flows', | ||
| platforms: [ | ||
| 'android', | ||
| 'angular', | ||
| 'javascript', | ||
| 'nextjs', | ||
| 'react', | ||
| 'react-native', | ||
| 'swift', | ||
| 'vue' | ||
| ] | ||
| }; | ||
|
|
||
| export function getStaticPaths() { | ||
| return getCustomStaticPath(meta.platforms); | ||
| } | ||
|
|
||
| export function getStaticProps() { | ||
| return { | ||
| props: { | ||
| meta | ||
| } | ||
| }; | ||
| } | ||
|
|
||
| Amplify supports the use of passwordless authentication flows using the following methods: | ||
|
|
||
| - [SMS-based one-time password (SMS OTP)](#sms-otp) | ||
| - [Email-based one-time password (Email OTP)](#email-otp) | ||
| - [WebAuthn passkey](#webauthn-passkey) | ||
|
|
||
| Passwordless authentication removes the security risks and user friction associated with traditional passwords. | ||
| {/* add more color */} | ||
|
|
||
| <Callout warning> | ||
|
|
||
| **Warning:** Passwordless configuration is currently not available in `defineAuth`. We are currently working towards enabling support for passwordless configurations. [Visit the GitHub issue to track the progress](https://link-to-backend-issue) | ||
jjarvisp marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| {/* @TODO file issue */} | ||
josefaidt marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| </Callout> | ||
|
|
||
| {/* need a section about what a "preferred" factor is */} | ||
|
|
||
|
|
||
| ## SMS OTP | ||
|
|
||
| SMS-based authentication uses phone numbers as the identifier and text messages as the verification channel. At a high level end users will perform the following steps to authenticate: | ||
|
|
||
| 1. User enters their phone number to sign up/sign in | ||
| 2. They receive a text message with a time-limited code | ||
| 3. After the user enters their code they are authenticated | ||
|
|
||
| {/* quick blurb of basic usage */} | ||
| <InlineFilter filters={["angular", "javascript", "nextjs", "react", "react-native", "vue"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["android"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["swift"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
|
|
||
| <Callout info> | ||
|
|
||
| SMS-based one-time password requires your Amazon Cognito user pool to be configured to use Amazon Simple Notification Service (SNS) to send text messages. [Learn how to configure your auth resource with SNS](/[platform]/build-a-backend/auth/moving-to-production/#sms). | ||
|
|
||
| {/* NOTE the linked page will need to be updated with sns instructions */} | ||
|
|
||
| </Callout> | ||
|
|
||
| [Learn more about using SMS OTP in your application code](/[platform]/build-a-backend/auth/connect-your-frontend/sign-in/#sms-otp). | ||
|
|
||
| ## Email OTP | ||
|
|
||
| Email-based authentication uses email addresses for identification and verification. At a high level end users will perform the following steps to authenticate: | ||
|
|
||
| 1. User enters their email address to sign up/sign in | ||
| 2. They receive an email message with a time-limited code | ||
| 3. After the users enters their code they are authenticated | ||
|
|
||
| {/* quick blurb of basic usage */} | ||
| <InlineFilter filters={["angular", "javascript", "nextjs", "react", "react-native", "vue"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["android"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["swift"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
|
|
||
| <Callout info> | ||
|
|
||
| Email-based one-time password requires your Amazon Cognito user pool to be configured to use Amazon Simple Email Service (SES) to send email messages. [Learn how to configure your auth resource with SES](/[platform]/build-a-backend/auth/moving-to-production/#email). | ||
|
|
||
| </Callout> | ||
|
|
||
| [Learn more about using email OTP in your application code](/[platform]/build-a-backend/auth/connect-your-frontend/sign-in/#email-otp). | ||
|
|
||
| ## WebAuthn Passkey | ||
|
|
||
| WebAuthn uses biometrics or security keys for authentication, leveraging device-specific security features. At a high level end users will perform the following steps to authenticate: | ||
|
|
||
| 1. User chooses to register a passkey | ||
| 2. Their device prompts for biometric/security key verification | ||
| 3. For future logins, they'll authenticate using the same method | ||
|
|
||
| {/* quick blurb of basic usage */} | ||
| <InlineFilter filters={["angular", "javascript", "nextjs", "react", "react-native", "vue"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["android"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
| <InlineFilter filters={["swift"]}> | ||
|
|
||
| {/* */} | ||
|
|
||
| </InlineFilter> | ||
|
|
||
| [Learn more about using WebAuthn passkeys in your application code](/[platform]/build-a-backend/auth/connect-your-frontend/sign-in/#webauthn-passkeys). | ||
|
|
||
| ### Managing credentials | ||
|
|
||
| {/* quick blurb then segue over to "manage WebAuthn credentials" page */} | ||
|
|
||
| [Learn more about managing WebAuthn credentials](/[platform]/build-a-backend/auth/manage-users/manage-webauthn-credentials). | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
?