Authentication & authorization overview

Build frictionless and secure authentication experiences for your users across all their devices and channels.

• Use journeys to create identity experiences with easy-to-use graphical interface and Mosaic SDK.

• Use an OIDC-based approach to authentication if you're interested in the classic OIDC integrations initiated from the browser, such as Mosaic's hosted login experience.

• Use backend-initiated approach to implement integrations leveraging Backend Authentication APIs.

Biometric authentication

Based on the FIDO2 WebAuthn standard, biometric login is secure, consistent, and convenient for your customers. Launch fast with a fully hosted experience, or use our APIs/SDKs with your custom UI.

On mobile devices, consider implementing authentication with device sensors, such as Face ID or fingerprint.

One-time login

Log in users using a one-time code sent to their phone or email, or magic link sent to their email. This passwordless option allows users to log in to a device that doesn't support WebAuthn biometrics, or a device that doesn't belong to them.

Time-based passcodes

Log in users using time-based one-time passcodes (TOTP) generated by authenticator apps like Google Authenticator or Twilio Authy.

Push notifications

Log in users with push notifications sent to their trusted device.

Social login

Social login allows customers to quickly authenticate with their existing social media accounts. Add this into your app to provide a fast and easy way for your customers to sign up, and minimize friction at checkout.

Password login

Password login allows you to authenticate users with a username and password, so you can smoothly migrate your customers from passwords to a passwordless solution.

PIN code

Allow users to authenticate using a PIN they register within the app. This method leverages native device security and is supported through the Mobile SDK.