Passwordless authentication

Passwordless authentication is a type of authentication that does not require end-users to set or maintain passwords for access to an application. Instead, they authenticate using a one-time passcode (OTP).

About one-time passcodes (OTPs)

Link to this section

Kinde does not support magic links as a password alternative, instead, we prefer to use one-time passcodes (OTPs) as they are more secure, and require manual entry as opposed to a single click.

For example, someone with access to your email could click a link to get instant access to an application, but they cannot use the code unless they have initiated the correct sign in flow and have your sign-in identity as well. If you receive the OTP via SMS, someone would need to have your device and unlock code, to access it.

A OTP can be issued via email or phone, depending how you have set up authentication. It is also common to use OTPs as a factor in multi-factor authentication.

Set up passwordless authentication

Link to this section

1. In Kinde, go to Settings > Authentication.

2. In the Passwordless section, select Configure on the relevant tile.

3. If you select the Email + code tile:

   1. Select which applications will use this authentication method.
   2. Select Save.

4. If you select the Phone tile:

   1. Select which applications will use this authentication method.
   2. Select Save.

5. If you select the Username + code tile:

   1. Select which applications will use this authentication method.

   2. Select Save.

   ⚠️ You can test this feature but passwordless phone authentication requires that you have a Twilio account. You need to enter your Twilio account details and upgrade to Kinde Pro if you want your users to authenticate this way. Learn more.