Add support for passwordless login [SDK-1940]
sanoopps opened this issue · 3 comments
Describe the problem you'd like to have solved
The SDK currently does not support passwordless login method i.e. exchanging an OTP obtained from /passwordless/start call for tokens.
Describe the ideal solution
Ideally, I suppose the SDK would expose an auth API like below that supports exchanging OTP obtained via either email or sms -
AuthRequest request = auth.exchangeOtp("me@auth0.com", "123456", "email")
.setScope("openid contacts");
try {
TokenHolder result = request.execute();
} catch (APIException exception) {
// api error
} catch (Auth0Exception e) {
// request error
}AuthRequest request = auth.exchangeOtp("0123456789", "123456", "sms")
.setScope("openid contacts");
try {
TokenHolder result = request.execute();
} catch (APIException exception) {
// api error
} catch (Auth0Exception e) {
// request error
}Alternatives and current work-arounds
An alternative is to directly call the Auth API like any other HTTP call and not use this SDK.
Additional context
If you are happy to accept contributions, I have a branch with changes (not complete yet) that I can tag here.
I think it's a valid ask. But it would require more than just the OTP exchange, as the /passwordless/start endpoint is also missing. Out of curiosity, on what type of client/app are you using this SDK? and why would you prefer that over using the Auth0 hosted solution?
We're not using the Java SDK. We do use the auth0.js SDK though.
Yes, /passwordless/start is also missing. The reason I asked specifically about exchanging OTP is that we have a Java server side application interfacing with Auth0 for token issue and was looking at extending it to handle OTP exchange as the first step to build a passwordless login solution. My curiosity led me to this SDK and I was wondering why this functionality was missing in the SDK. That's all. :)
@sanoopps Ok, no problem. I'm tracking this feature request internally as SDK-1940.