If you're leveraging Auth0 as your Identity Provider, you may find it advantageous to augment your system with passwordless login capabilities. This can be seamlessly accomplished using the CodeB Authenticator, which is fully compatible with OpenID Connect (OIDC) authentication.
The CodeB Authenticator incorporates OpenID Connect (OIDC) authentication, facilitating smooth passwordless logins for any service that accommodates OIDC Logon. This functionality not only simplifies user authentication across a broad spectrum of services and systems but also bolsters security. It liberates users from the burden of remembering multiple passwords, thereby reducing the likelihood of security breaches related to passwords.
Moreover, by avoiding the use of credentials as identifiers, the CodeB Authenticator effectively mitigates the risk of phishing, Man-in-the-Middle (MitM), and other social engineering attacks. Once CodeB is configured as an Enterprise Connection within Auth0, your mobile device can serve as a passwordless login token, granting you secure access to your system via Auth0.
An extra layer of security is furnished by the secure storage of all utilized keys in the hardware-backed keystore known as "Strongbox". This transforms your mobile device into a formidable identity provider in its own right. The integration of Strongbox guarantees that your keys are securely stored, further boosting the security and integrity of your system.
You want to give it a try? Make sure you have the CodeB Authenticator started on your mobile and then click from your Desktop on the following link:
Integrating CodeB with Auth0 via OpenID Connect (Enterprise Connection) is a straightforward process.
Here's a step-by-step guide:
Access the Auth0 dashboard and navigate to Authentication -> Enterprise.
Click on the "Create Connection" button under the “OpenID Connect” section.
Define your connection name. Please be aware that this cannot be altered later.
For the Issuer URL, input the complete openid-configuration URL of your CodeB Identity Broker instance or use our public one: https://auth.aloaha.com/.well-known/openid-configuration
Select your Client ID and confirm with the Create button.
For further customization of your connection, click on it again. For instance, you can specify whether you want a Front Channel Workflow (response_mode=form_post) or a Back Channel Workflow (response_type=code).
Ensure to include the scope “serversig” in your scopes. Ideally, use scopes “openid profile email serversig”.
Finally, you can configure the “Login Experience” and decide for which Applications you want to enable this login type.
