Send OTPs through Auth0

Updated 2 years ago

OTP (one time password)​ is a string of characters or numbers automatically generated to be used for one single login attempt.

With Auth0 + ClickSend integration, you can send OTPs through SMS.

Benefits of OTP

  • Resistance to replay attacks
  • Difficult to guess
  • Reduced risk when passwords are compromised

How to install ClickSend SMS to Auth0?

  1. First you need to have an account with Auth0 and ClickSend.
  2. On Auth0 Marketplace, click Add Integration , then select a tenant and continue.
  3. Allow access to Read and share user profile information and then Continue.
  4. You will be then auto-redirected to Library where you'll need to enter your ClickSend account credentials to connect the integration.
    - 'ClickSend username' is the username you use in ClickSend
    - 'ClickSend API Key' is the key found in the ClickSend dashboard: https://dashboard.clicksend.com/#/account/subaccount
    Click Create to add this connection to your Library.
  5. Click the Add to flow link on the pop-up that appears.
  6. Drag the ClickSend Action into the desired location in the flow. Click Apply.
  7. Enable OTP: Go to Dashboard Menu > Security > Multi-factor Auth. Look For One-time Password and enable.
    When you scroll dow a bit on same page. You would see Define Policies. Then set require multi-factor auth to always and Save.
  8. Enable Phone Message: Go to Dashboard Menu > Security > Multi-factor Auth. Look For Phone Message Factor and Configure.
  9. Choose Custom for delivery provider and SMS for delivery method.
    Edit your templates. Enable the Phone Message by toggling above switch. Click Save when complete
    {{code}} - the code automatically generated on this placeholder
    {{tenant.friendly_name}} - name of your tenant. You can actually change / set up a tenant friendly name under Settings.
  10. Test MFA Flow: Create a user under User Management section.

Go to Getting started section and click Try it out.

A new tab appears which lets you test your Multi-factor authentication. Login the user you created before.

Click I'd rather use SMS.

Select Country and type in your phone number.

A code is sent to the phone number you provided. Enter the code to the login and proceed.

Verified that it works!


How Did We Do?


Powered by HelpDocs (opens in a new tab)