The Passwordless manager provides methods for implementing passwordless authentication flows using email or SMS.
Email Passwordless
SendEmail
Starts a passwordless flow by sending a link or code via email.
func (p *Passwordless) SendEmail(
ctx context.Context,
params passwordless.SendEmailRequest,
opts ...RequestOption,
) (*passwordless.SendEmailResponse, error)
The context for the request
params
passwordless.SendEmailRequest
required
The email send parameters
Optional request options (use Header() to set x-request-language)
SendEmailRequest
Use “link” to send a link or “code” to send a verification code (default: “link”)
Override link parameters (scope, redirect_uri, protocol, response_type) when sending a link
Client ID (uses default if not provided)
Client Secret (uses default if not provided)
Example
import (
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
// Send a verification code
response, err := auth.Passwordless.SendEmail(
ctx,
passwordless.SendEmailRequest{
Email: "[email protected]",
Send: "code",
},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("Email sent to:", response.Email)
// Send a magic link with custom parameters
response, err = auth.Passwordless.SendEmail(
ctx,
passwordless.SendEmailRequest{
Email: "[email protected]",
Send: "link",
AuthParams: map[string]interface{}{
"scope": "openid profile email",
"redirect_uri": "https://yourapp.com/callback",
},
},
)
if err != nil {
log.Fatal(err)
}
Response
The identifier of the request
Whether the user’s email address is verified
LoginWithEmail
Completes the passwordless flow by exchanging a code for a token.
func (p *Passwordless) LoginWithEmail(
ctx context.Context,
params passwordless.LoginWithEmailRequest,
validationOptions oauth.IDTokenValidationOptions,
opts ...RequestOption,
) (*oauth.TokenSet, error)
The context for the request
params
passwordless.LoginWithEmailRequest
required
The login parameters
validationOptions
oauth.IDTokenValidationOptions
required
ID token validation options
LoginWithEmailRequest
The user’s verification code
API identifier for which to get an access token
Scopes to request (e.g., “openid profile email”)
Client ID (uses default if not provided)
Client Secret (uses default if not provided)
Example
import (
"github.com/auth0/go-auth0/v2/authentication/oauth"
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
// User receives code via email and enters it
code := "123456" // From user input
tokens, err := auth.Passwordless.LoginWithEmail(
ctx,
passwordless.LoginWithEmailRequest{
Email: "[email protected]",
Code: code,
Scope: "openid profile email",
},
oauth.IDTokenValidationOptions{},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("Access Token:", tokens.AccessToken)
fmt.Println("ID Token:", tokens.IDToken)
Response
Returns an oauth.TokenSet containing:
The refresh token (if offline_access scope was requested)
Token expiration in seconds
SMS Passwordless
SendSMS
Starts a passwordless flow by sending a code via SMS.
func (p *Passwordless) SendSMS(
ctx context.Context,
params passwordless.SendSMSRequest,
opts ...RequestOption,
) (*passwordless.SendSMSResponse, error)
The context for the request
params
passwordless.SendSMSRequest
required
The SMS send parameters
Optional request options (use Header() to set x-request-language)
SendSMSRequest
Additional authentication parameters
Client ID (uses default if not provided)
Client Secret (uses default if not provided)
Example
import (
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
response, err := auth.Passwordless.SendSMS(
ctx,
passwordless.SendSMSRequest{
PhoneNumber: "+1234567890",
},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("SMS sent to:", response.PhoneNumber)
Response
The identifier of the request
Whether the user’s phone number is verified
LoginWithSMS
Completes the passwordless flow by exchanging a code for a token.
func (p *Passwordless) LoginWithSMS(
ctx context.Context,
params passwordless.LoginWithSMSRequest,
validationOptions oauth.IDTokenValidationOptions,
opts ...RequestOption,
) (*oauth.TokenSet, error)
The context for the request
params
passwordless.LoginWithSMSRequest
required
The login parameters
validationOptions
oauth.IDTokenValidationOptions
required
ID token validation options
LoginWithSMSRequest
The user’s verification code
API identifier for which to get an access token
Scopes to request (e.g., “openid profile email”)
Client ID (uses default if not provided)
Client Secret (uses default if not provided)
Example
import (
"github.com/auth0/go-auth0/v2/authentication/oauth"
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
// User receives code via SMS and enters it
code := "123456" // From user input
tokens, err := auth.Passwordless.LoginWithSMS(
ctx,
passwordless.LoginWithSMSRequest{
PhoneNumber: "+1234567890",
Code: code,
Scope: "openid profile email",
},
oauth.IDTokenValidationOptions{},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("Access Token:", tokens.AccessToken)
fmt.Println("ID Token:", tokens.IDToken)
Response
Returns an oauth.TokenSet containing the access token, ID token, and optionally a refresh token.
Complete Passwordless Flow Examples
Email Code Flow
package main
import (
"context"
"fmt"
"log"
"github.com/auth0/go-auth0/v2/authentication"
"github.com/auth0/go-auth0/v2/authentication/oauth"
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
func main() {
ctx := context.Background()
auth, err := authentication.New(
ctx,
"your-domain.auth0.com",
authentication.WithClientID("your-client-id"),
authentication.WithClientSecret("your-client-secret"),
)
if err != nil {
log.Fatal(err)
}
// Step 1: Send verification code to user's email
sendResponse, err := auth.Passwordless.SendEmail(
ctx,
passwordless.SendEmailRequest{
Email: "[email protected]",
Send: "code",
},
)
if err != nil {
log.Fatal(err)
}
fmt.Printf("Verification code sent to: %s\n", sendResponse.Email)
// Step 2: User receives code via email and enters it
// In a real app, you would prompt the user for this
code := "123456"
// Step 3: Exchange code for tokens
tokens, err := auth.Passwordless.LoginWithEmail(
ctx,
passwordless.LoginWithEmailRequest{
Email: "[email protected]",
Code: code,
Scope: "openid profile email",
},
oauth.IDTokenValidationOptions{},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("Authentication successful!")
fmt.Println("Access Token:", tokens.AccessToken)
}
SMS Code Flow
package main
import (
"context"
"fmt"
"log"
"github.com/auth0/go-auth0/v2/authentication"
"github.com/auth0/go-auth0/v2/authentication/oauth"
"github.com/auth0/go-auth0/v2/authentication/passwordless"
)
func main() {
ctx := context.Background()
auth, err := authentication.New(
ctx,
"your-domain.auth0.com",
authentication.WithClientID("your-client-id"),
authentication.WithClientSecret("your-client-secret"),
)
if err != nil {
log.Fatal(err)
}
// Step 1: Send verification code to user's phone
sendResponse, err := auth.Passwordless.SendSMS(
ctx,
passwordless.SendSMSRequest{
PhoneNumber: "+1234567890",
},
)
if err != nil {
log.Fatal(err)
}
fmt.Printf("Verification code sent to: %s\n", sendResponse.PhoneNumber)
// Step 2: User receives code via SMS and enters it
// In a real app, you would prompt the user for this
code := "123456"
// Step 3: Exchange code for tokens
tokens, err := auth.Passwordless.LoginWithSMS(
ctx,
passwordless.LoginWithSMSRequest{
PhoneNumber: "+1234567890",
Code: code,
Scope: "openid profile email",
},
oauth.IDTokenValidationOptions{},
)
if err != nil {
log.Fatal(err)
}
fmt.Println("Authentication successful!")
fmt.Println("Access Token:", tokens.AccessToken)
}
Setting Request Language
import "github.com/auth0/go-auth0/v2/authentication"
// Send email in Spanish
response, err := auth.Passwordless.SendEmail(
ctx,
passwordless.SendEmailRequest{
Email: "[email protected]",
Send: "code",
},
authentication.Header("x-request-language", "es"),
)
See Also