Start Passwordless Authentication

curl --request POST \ --url https://{yourDomain}/passwordless/start \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "client_id": "YOUR_CLIENT_ID", "client_secret": "YOUR_CLIENT_SECRET", "connection": "email", "email": "user@example.com", "send": "code" } '

Authorizations

Authorization

string

header

required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json

client_id

string

required

Your application's Client ID

connection

enum<string>

required

The connection type for passwordless authentication

Available options:

email,

sms

send

enum<string>

required

Whether to send a magic link or a code. Only 'code' is supported for SMS.

Available options:

link,

code

client_secret

string

Your application's Client Secret (required for confidential clients)

string<email>

The user's email address (required when connection is 'email')

phone_number

string

The user's phone number in E.164 format (required when connection is 'sms')

authParams

object

Additional authentication parameters to include (scope, state, etc.)

Response

Passwordless request sent successfully

_id

string

Request ID

string

Email address (for email connections)

phone_number

string

Phone number (for SMS connections)