This message was deleted.

Hi @brave-vegetable-81611! Thank you for bumping this topic. There is a ‘workaround’ to achieve Email OTP logins, although our recommendation is using passkeys. I know some other feature requests have since been prioritized. If you like, we can jump on a quick call and discuss your timeline for the migration. If there is specific commercial demand for feature requests, I can take that to the product team and try to impact the prio.

Hey @rich-thailand-93889 thanks for the fast reply! At this juncture, biometrics or Oauth-esque third-party reliant auth isn't going to work for us and we do need a way to have plain old codes sent via email. Is this workaround documented somewhere? Let me check with others on the team re: a call..

Hey @brave-vegetable-81611 that makes sense. Just to clarify, you want the Email OTP to be the first/only factor (instead of a password)? It’s important to note, that in an email OTP only scenario, if the user loses access to their email account, they will also lose access to your service, as they have no way to sign in. This is also the reason, Email OTP only is not recommended. The workaround would be similar to inviting users. Each login would be a recovery flow. The recovery strategy would be set to OTP. You will probably also need a custom UI to make the UX intuitive for the user. If passwordless is not an option, you could consider using a social login provider as an ergonomic alternative. We have a bunch of preconfigured provides, such as Google or LinkedIn. Feel free to contact us and schedule a meeting, once you hear back from the team. We would love to figure out a way to get your migration done asap.

Hey Tommy, that is correct! We'd need an email-only OTP with no password required, I do know there are problems with this authentication method but unfortunately this is the feature we need to maintain, peculiar to our user base. We can't rely on device biometrics, which seems to be exclusively what is used on passwordless (passkeys) and we can't use 3rd party providers for login.