Send OTPs through Auth0

Updated 2 weeks ago

OTP (one time password)​ is a string of characters or numbers automatically generated to be used for one single login attempt.

With Auth0 + ClickSend integration, you can send OTPs through SMS.

Benefits of OTP

  • Resistance to replay attacks
  • Difficult to guess
  • Reduced risk when passwords are compromised

How to install ClickSend SMS to Auth0?

  1. First you need to have an account with Auth0 and ClickSend.
  2. On Auth0 Marketplace, click Add Integration , then select a tenant and continue.
  3. Read the necessary access requirements and click Continue.
  4. You will be then required to enter your ClickSend account credentials.
    - 'ClickSend username' is the username you use in ClickSend
    - 'ClickSend API Key' is the key found in the ClickSend dashboard: https://dashboard.clicksend.com/#/account/subaccount
    Click Create to add this connection to your Library.
  5. Click the Add to flow link on the pop-up that appears.
  6. Drag the ClickSend Action into the desired location in the flow. Click Apply.
  7. Activate Custom SMS Factor: To use the SMS factor, your tenant needs to have MFA enabled globally or required for specific contexts using Actions. To learn how to enable the MFA feature, see:
  8. Enable Phone Message: Go to Dashboard Menu > Settings > Multi-factor Auth. Look For Phone Message Factor and Configure.
  9. Choose Custom for delivery provider and SMS for delivery method.
    Edit your templates. Enable the Phone Message by toggling above switch. Click Save when complete
    {{code}} - the code automatically generated on this placeholder
    {{tenant.friendly_name}} - name of your tenant. You can actually change / set up a tenant friendly name under Settings.
  10. Test MFA Flow: Create a user under User Management section.

Go to Getting started section and click Try it out.

A new tab appears which lets you test your Multi-factor authentication. Login the user you created before.

Click I'd rather use SMS.

Select Country and type in your phone number.

A code is sent to the phone number you provided. Enter the code to the login and proceed.

Verified that it works!


How Did We Do?


Powered by HelpDocs (opens in a new tab)