Secure login to Auth0 SSO without usernames, passwords and OTP
WWPass Identity Provider for Auth0 uses OpenID Connect and OAuth2 to replace insecure usernames and passwords and inconvenient traditional multi-factor authentication with modern, secure and convenient Right-factor Authentication, a technology that uses distributed secure credential storage to protect regular and privileged accounts from phishing, credential theft and other types of hacker attacks.
Adding WWPass login significantly improves security of access, removes the overhead associated with password resets, and simplifies access to secured sites for users. It lets you maintain a balance between low-cost, simple login with a mobile phone app and ultra-secure access with hardware tokens, which completely eliminates the possibility of unauthorized remote access with stolen credentials.
Fully compliant with strong customer authentication standards like GDPR, NIST and open banking authentication requirements.
Prevents phishing and credential theft by eliminating the need for username/password logins. No OTPs, SMS or Push.
No need to remember and manage usernames & passwords: no more password resets and frustrated users.
Flexible, competitive, cost-effective pricing; considerably reduces support/call-center password reset costs; saves the cost of fobs/cards.
OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
WWPass implements its own OpenID Connect and OAuth2 capable identity provider powered by the WWPass strong authentication and data encryption technology.
This guide will lead you through the steps needed to start using WWPass OpenID Connect and OAuth2 identity provider for user authentication in your applications.
Before you start using the WWPass OpenID Connect and OAuth2 identity provider, create a WWPass developer account. Open https://wwpass.com in your browser, click Log in, and follow the instructions to create a new developer account.
Once you have created the developer account, you need to register your application domain. Log in to your account and choose Add new application.
Select Auth0 and enter your Auth0 tenant name, then follow the instructions to register and verify your application domain.
Setting Up OpenID Connect and OAuth2
Click Edit IdP Settings to open the IdP configuration page. Particular settings depend on the application you use. This document provides example settings for some commonly-used applications.
Typically you need to perform the following steps:
- Save the client secret in a safe place. You may either instantly copy it to your application settings or store it in a password manager you trust. We suggest using PassHub for storing such information. You can reset the client secret any time later.
- Change Callback URI to match the callback URI of your application. Refer to your application documentation for more information.
- Make sure the rest of the settings match the corresponding settings of your application.
When finished, click Save to save IdP settings.
Copy OpenID Connect or OAuth2 URIs to your application settings.
Test authentication in your application. If everything is configured properly, your application will redirect you to https://oidc.wwpass.com/. Log in with your WWPass Key. During the first login, WWPass IdP will ask you to provide your email address and other information requested by your application. Once you provide the required information, WWPass IdP will redirect you back to your application as a logged-in user.
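A pre-flight check for the settings copied in the steps above, as an added example that is not WWPass or Auth0 code. It compares the issuer, the endpoint URIs and the callback URI before you test a login; the function name, the idp.example and app.example values and the exact-match callback comparison are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Endpoints the application needs from the IdP's OpenID Connect metadata.
REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def is_https(uri):
    parts = urlsplit(uri)
    return parts.scheme == "https" and bool(parts.netloc)

def check_oidc_settings(issuer, discovery, idp_callback, app_callback):
    """Return a list of problems; an empty list means the settings agree."""
    problems = []
    if not is_https(issuer):
        problems.append("issuer URL is not https")
    # OpenID Connect Discovery: the 'issuer' in the metadata must be identical
    # to the configured issuer, character for character (trailing slash too).
    if discovery.get("issuer") != issuer:
        problems.append("issuer mismatch: %r != %r" % (discovery.get("issuer"), issuer))
    for name in REQUIRED_ENDPOINTS:
        if not is_https(discovery.get(name, "")):
            problems.append("%s missing or not https" % name)
    # Assumption: the IdP compares the callback as an exact string, so a
    # different path, host or trailing slash makes the login fail.
    if idp_callback != app_callback:
        problems.append("callback URI registered at IdP differs from the application's")
    # OAuth 2.0 (RFC 6749, 3.1.2): a redirection URI must not carry a fragment.
    if urlsplit(app_callback).fragment:
        problems.append("callback URI must not contain a fragment")
    return problems

# Constructed sample values; idp.example and app.example are placeholders.
SAMPLE_ISSUER = "https://idp.example/"
SAMPLE_DISCOVERY = {
    "issuer": "https://idp.example/",
    "authorization_endpoint": "https://idp.example/authorize",
    "token_endpoint": "https://idp.example/token",
    "jwks_uri": "https://idp.example/jwks",
}
SAMPLE_CALLBACK = "https://app.example/login/callback"

if __name__ == "__main__":
    # Matching settings, then an issuer without its trailing slash and a
    # callback with an extra one.
    print(check_oidc_settings(SAMPLE_ISSUER, SAMPLE_DISCOVERY, SAMPLE_CALLBACK, SAMPLE_CALLBACK))
    print(check_oidc_settings("https://idp.example", SAMPLE_DISCOVERY,
                              SAMPLE_CALLBACK, SAMPLE_CALLBACK + "/"))
```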
Auth0 With OpenID Connect
Open Branding -> Universal Login in the Auth0 dashboard. If your current setting is Classic, switch to New.
Next navigate to Authentication -> Enterprise. Click the plus icon next to OpenID Connect to add a new connection.
- Set Connection name to any name that will allow you to identify this connection later.
- Set Issuer URL to
- Set Client ID to the Client ID from the corresponding WWPass application page.
- Set Sync user profile attributes at each login: to any position depending on your preference.
Click Create to create the connection. The next page allows you to customize the login experience. We recommend checking Display connection as a button. Finally, select which Auth0 applications can use this connection.