This guide details the steps required to configure Keyless as a passwordless authentication solution for your Auth0 cloud instance.

Keyless and Auth0 have partnered to deliver true passwordless authentication for the workforce and for consumers.

This document provides a step-by-step introduction for configuring Auth0 to work with Keyless. In this guide Keyless will be set up as both an OpenID Connect service provider and a OpenID Connect identity provider for Auth0.

Configure Authentication Identity Provider

In order to enable your users to authenticate into Auth0 enabled apps via Keyless you’ll need to configure Keyless as a trusted IdP on Auth0.

As part of the onboarding process you’ll receive the following pieces of information from keyless to complete a Trusted IdP configuration.


Login Icon

Can be used as the logon Icon for Keyless authentication on Auth0 Login page

Discovery URL

OIDC Discovery endpoint provided by Keyless


Client ID

OIDC Client ID specific to you organization provided by Keyless


Client Secret

OIDC Client secret provided by Keyless


The steps are as follows

  • Create a new Enterprise Connection (IdP): Go to Authentication →Enterprise → OpenID Connect Click on (+) Icon

  • Provide a name for the Connection

  • Fill in OIDC Discovery URL in Issuer Field

  • Fill in ClientID provided by Keyless

  • Make a note of the callback URL that need to be sent to Keyless

  • Click Save

  • Once Saved go to Settings and General tab do the following

    • Select Back Channel as Type

    • Fill in client Secret field

  • Click Save Changes

  • Click on the ellipses (...) icon on the Connection just saved, Click Try Now

  • This will initiate a Keyless authentication

  • On successful authentication you’ll see the connection data

Configure Enrolment Service Provider

To enable enrolment of your users to Keyless we’ll need to configure a client application on Auth0. Parameters required to create the application on Auth0 are provided in your Keyless onboarding package. Once the application is configured you’ll need to send some configuration information back to Keyless to complete the configuration on Keyless end.

Following are the pieces of information from Keyless required to configure Auth0 Application:


Login URL

OIDC Client configuration provided by Keyless


Redirect URI

OIDC redirect URO provuded by Keyless


Logout URL

OIDC logout URL provided by Keyless


Keyless Enrolment URL

URL to Keyless Enrolment page for end users: provided by Keyless


  • Create Application: Applications --> Create Application --> Regular Web Applications

  • On Settings tab of the Application just created

    • o Make note of the following items that need to be sent back to Keyless

      • Domain

      • Client ID

      • Client Secret

    • Fill in the following information from the URLs provided by Keyless

      • Allowed Callback URL which is the Login URL (in the table above)

      • Allowed Logout URL which is the Logout URL provided

      • Allowed web origins which is the Redirect URI provided

🏁Post Integration

Last updated