Overview

Passwordless authentication is an authentication method that allows users to access a system without the need for passwords. It is a secure and convenient way to authenticate users, as it eliminates the risk of password-related vulnerabilities and makes it easier for users to access a system.

Passwordless authentication can be implemented using different methods, such as Email OTP, Email Magic Link, Passkeys and more. Scalekit supports both a headless implementation of passwordless authentication and a complete passwordless implementation via OIDC. Developers can choose the model that best fits their implementation needs and context.

The main benefits of using passwordless authentication over traditional password-based authentication include:

  • Improved security: Passwordless authentication eliminates the risk of password-related vulnerabilities such as phishing, credential stuffing and password cracking.
  • Better user experience: Passwordless authentication provides a seamless and convenient way for users to access a system, without the need to remember and enter passwords.
  • Reduced support costs: With passwordless authentication, users do not need to reset their passwords or contact support for password-related issues, which reduces the support costs.
  • Modern authentication: Passwordless authentication aligns with current security best practices and provides a modern and secure way to authenticate users.

Scalekit supports multiple passwordless authentication methods:

  • Verification Code (OTP): Users receive a one-time passcode via email.
  • Magic Link: Users receive a link via email that they need to click to verify their email address.
  • Magic Link + Verification Code: Users receive a link and a one-time passcode via email and can choose either option to verify their email address.
  • Passkeys (coming soon): Users authenticate using their biometric data.
  • TOTP (Authenticator App) (coming soon): Users authenticate using a time-based one-time passcode generated by an authenticator app.

When implementing passwordless authentication, you have two options:

Headless Implementation: You can use our APIs to implement passwordless authentication without any dependence on our UI. You can implement your own UI to collect the OTP from your users or handle the magic link validation.

OIDC Implementation: We handle both the security and UI implementation of the OTP and/or magic link workflow. As part of the implementation, you will redirect the user to Scalekit’s OIDC endpoint to complete the email OTP and/or magic link workflow. Once verified, we will send the user back to your pre-configured redirect URL endpoint with the email address of the user so that you can complete the workflow.
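
The application side of the OIDC option, as an added example (not Scalekit's code or SDK): it starts the redirect and validates the return to the redirect URL before anything is trusted. The endpoint, client ID, redirect URI and function names are placeholders, and the request parameters are the standard OIDC authorization request ones, not values taken from Scalekit's documentation.

```python
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Placeholders for illustration only, not Scalekit values.
AUTHORIZE_ENDPOINT = "https://idp.example.test/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.test/auth/callback"  # must match the pre-configured one
STATE_TTL_SECONDS = 600


def begin_login(session, now=None):
    """Store per-login state and nonce in the server-side session; return the redirect URL."""
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)  # compared with the ID token's nonce later
    session["oidc_started"] = time.time() if now is None else now
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid email",
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def handle_callback(session, callback_url, now=None):
    """Validate the redirect back to the app; return the authorization code to exchange."""
    now = time.time() if now is None else now
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    expected = session.pop("oidc_state", None)  # single use: a replayed callback fails
    started = session.pop("oidc_started", 0)
    if "error" in params:
        raise ValueError(f"provider returned error: {params['error']}")
    if expected is None or now - started > STATE_TTL_SECONDS:
        raise ValueError("no login in progress, or login expired")
    # Constant-time comparison; bytes so attacker-supplied non-ASCII cannot raise TypeError.
    if not hmac.compare_digest(expected.encode(), params.get("state", "").encode()):
        raise ValueError("state mismatch")
    if "code" not in params:
        raise ValueError("missing authorization code")
    return params["code"]
```

The returned code still has to be exchanged at the provider's token endpoint, and the user's email address should be accepted only from that validated response, never from an unauthenticated query parameter.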