Setting
Last updated
Last updated
Authentication strategies are the methods that users can use to sign up and sign in to your application.
OneAuxilia offers two kinds of authentication strategies: password and passwordless.
Choosing the password strategy requires users to set a password during the sign up process. OneAuxlilia offers out of the box protection against weak and compromised passwords and the only requirement enforced is that the password be a miminum of 8 characters. (Note: passwordless authentication is still available to users even if password strategy is selected.)
Choosing a passwordless strategy provides users with a more secure way to sign up and sign in to your application. They are also more convenient than passwords because they don't require users to remember a complex string of characters.
Authentication Strategies logic will be prioritized to be displayed in the image above. If you enable or disable authentication strategies, the priority order does not change priority.
We provide for you a lot of Authentication Strategies, choosing a passwordless strategy provides users with a more secure way to sign up and sign in to your application. They are also more convenient than passwords because they don't require users to remember a complex string of characters.
Passwordless authentication strategies include:
Passkey (Coming soon)
To configure authentication strategies:
Navigate to the OneAuxilia Dashboard and select your application.
In the navigation sidebar, select Authentication > Setting
In the Authentication strategies section, toggle on the authentication strategies you would like to enable.
A passkey is a type of sign-in credential that requires one user action, but uses two authentication factors:
A pin number or biometric data
A physical device
Because passkeys use two authentication factors, they are the most secure passwordless authentication strategy.
Users can only create passkeys after they have signed up, which means you will need to enable another authentication strategy for the sign-up process. Once a user is signed in, they can create a passkey.
When one of the OTP options are selected as an authentication strategy, users will receive a one-time code that they can use to complete the authentication process. The benefit of one-time codes is that they are more secure than passwords and can be used to verify a user's identity without needing to store a password in your database.
There are two one-time password (OTP), or one-time code, strategies to choose from:
Email verification code
SMS verification code (just send Event via Webhook, right now)
When email address is chosen as the identifier, Email verification code is set as the default authentication option.
SMS authentication is a premium feature and is not available right now. But we can fire the event through webhoook so you can send it yourself through your OTP sending service.
When the Email verification link option is selected as an authentication strategy, users will receive an email message with a link that can be visited in order to complete the authentication process. Email links can be used to sign up new users, sign in existing ones, or allow existing users to verify newly entered email addresses to their profile. Email links work on any device. There's no constraint on where the link will be opened. For example, a user might try to sign in from their desktop browser, but open the link from their mobile phone.
Verification methods are the methods that users can use to verify their identifier during the sign-up process, or to verify a new identifier that they add to their profile.
OneAuxilia offers three verification methods:
Email verification link
Email verification code
SMS verification code
Each of these verification methods work in the same way as their authentication strategy counterparts, but are used to verify a user's identifier rather than authenticate a user. For example, when a user adds an email address to their profile, they can receive an Email verification link or Email verification code to verify the new email address.
To configure verification methods:
Navigate to the OneAuxilia Dashboard and select your application.
In the navigation sidebar, select Authentication > Setting.
Select the settings cog icon next to the identifier, such as Email address or Phone number, to open the configuration settings.
Under the Verification methods section, toggle on the verification methods you would like to enable.
Select Continue to save your changes.
OneAuxilia offers a number of social login providers that can be used during sign up and sign in. What makes this authentication option appealing is that users often won't need to enter additional contact information since the provider already has it.
OneAuxilia has designed the social login process to be as seamless as possible. If an existing user tries to sign up with a social provider, the social login process is smart enough to automatically convert the sign up process into a sign in flow. The reverse is also true: if a user signs in with a social provider, but doesn't have an account yet, OneAuxilia will automatically create one for them.
Users are also able to link multiple social providers to their account depending on how you have set up your application. You can set up your application to use the Account Portal User Profile page, the prebuilt <UserProfile />
component.
To enable social connections:
Navigate to the OneAuxilia Dashboard and select your application.
In the navigation sidebar, select Authentication > Social connectors.
For development instances, you can simply toggle on the social providers you would like to enable. For production instances, you will need to configure credentials for each social provider. Don't worry, there are detailed guides for each social provider to help you through the process.
OneAuxilia supports multi-factor authentication (MFA), often referred to as two-factor authentication or 2FA. By enabling MFA, you can encourage your users to perform a second verification check during sign-in. By enforcing two different types of verifications, you can drastically improve your user's security. Most websites make this step optional, empowering their users with their own security.
Although not available as an option in the initial new application screen, you can opt to turn on multi-factor authentication (MFA) in the OneAuxilia Dashboard.
Navigate to the OneAuxilia Dashboard and select your application.
In the navigation sidebar, select Authentication > Multi-factor.
Toggle on the MFA strategies you would like to enable.
OneAuxilia currently offers the following MFA strategies:
SMS verification code
Authenticator application (also known as TOTP - Time-based One-time Password)
Backup codes
Enabling MFA allows users of your app to turn on MFA for their own account through their User Profile page. Enabling MFA does not automatically turn on MFA for all users.
If you are building a custom user interface instead of using OneAuxilia's Account Portal or prebuilt components.
OneAuxilia provides a set of restriction options designed to provide you with enhanced control over who can gain access to your application. Through these restriction settings, you can limit sign-ups or prevent accounts with specific identifiers from accessing your application. These identifiers can be email addresses, phone numbers, and even entire domains.