Get Code or Link - Auth0 Docs

POST /passwordless/start Passwordless connections do not require the user to remember a password. Instead, another mechanism is used to prove identity, such as a one-time code sent through email or SMS, every time the user logs in. You have three options for passwordless authentication:

Send a verification code using email.
Send a link using email.
Send a verification code using SMS.

Remarks

If you sent a verification code, using either email or SMS, after you get the code, you have to authenticate the user using the /passwordless/verify endpoint, using email or phone_number as the username, and the verification code as the password.
This endpoint is designed to be called from the client-side, and is subject to [rate limits]https://auth0.com/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy).
The sample auth0.js script uses the library version 8. If you are using auth0.js version 7, please see this reference guide.

Error Codes

For the complete error code reference for this endpoint refer to Errors > POST /passwordless/start.

Learn More

Parameters

client_id

string

required

The client_id of your application.

client_assertion

string

A JWT containing a signed assertion with your application’s credentials. Required when Private Key JWT is your application authentication method.

client_assertion_type

string

Use the value urn:ietf:params:oauth:client-assertion-type:jwt-bearer. Required when Private Key JWT is the application authentication method.

client_secret

string

The client_secret of your application. Required for Regular Web Applications only.

connection

string

required

How to send the code/link to the user. Use email to send via email, or sms to send via SMS.Allowed values: email, sms

string

Set this to the user’s email address when connection=email.

phone_number

string

Set this to the user’s phone number when connection=sms.

send

string

Use link to send a link or code to send a verification code. If null, a link will be sent.Allowed values: link, code

authParams

object

Any authentication parameters that you would like to add, such as scope, state, redirect_uri, etc.

Show properties

scope

string

OAuth scopes.

state

string

State parameter for maintaining state between the request and callback.

Response

Status	Description
200	Code or link sent successfully.
400	Bad Request. Invalid parameters.
401	Unauthorized. Invalid client credentials.

Documentation Index

​Remarks

​Error Codes

​Learn More

​Parameters

​Response

Remarks

Error Codes

Learn More

Parameters

Response