How to create a passwordless connection

Authress doesn't support passwordless connections out of the box. We need to create a custom connection in order to support it.

To go through this tutorial, you'll need access to our Authress Dev Account.

Creating a custom connection

For custom connections, Authress uses service clients to validate a user's authentication workflow

Create a service client

In the Authress UI, go to the Service Clients page.

Click "Add Client".
Give it a name, such as "Passwordless Connection".
Give it a tag that represents the environment the connection belongs to.
Go to the "Custom Authentication" tab and click "Enable custom Authress user token generation".
On the same page add an "authorizationUrl" which is the url of the page where users will be redirected to authenticate. In this case the page we redirect to should handle the generation of the magic link and send it to the user via email.

Assign new connection to tenants without a SSO

This service client ID can now be used as the connection ID for clients that don't have a SSO setup

Generate a magic link

The Authress SDK provides a ServiceClientTokenProvider class that can be used to generate a magic link for a user to authenticate.

import { ServiceClientTokenProvider } from '@authress/sdk';

async function getUserRedirectUrl(state, redirectUrl) {
  const serviceClientId = '<service-client-id>';
  const accessKey = '<service-client-access-key>';

  const tokenProvider = new ServiceClientTokenProvider(accessKey);
  const authressLoginUrl = await tokenProvider.generateUserLoginUrl(
    redirectUrl,
    state,
    serviceClientId,
    '<user-email>'
  );

  return authressLoginUrl;
}

The authressLoginUrl will be sent to the user to sign in.