Skip to main content

Log in/Sign up flow

Configure the primary and secondary authentication methods available to users in your app.

Primary authentication

The primary authentication method is the first authentication method required for users. To ease onboarding, you can specify multiple primary authentication options.

The current options are:

  • Password
  • Email code
  • Magic link
  • Social (OAuth)
  • Short message service (SMS)
  • Time-based one-time password (TOTP)

After configuring primary authentication, you may optionally specify a secondary authentication.

To set a primary authentication method:

  1. Click the Log in/Sign up Flow button on the left side of the screen.
  2. Click the toggle beside the desired authentication methods to select allowed primary authentication methods. If more than one is selected, the user chooses which method to use.
  3. Click Save to save the primary authentication methods.

Secondary authentication

The available options for the secondary authentication method varies based on the selected primary authentication method. The secondary method must be more secure than the selected primary method. The compatible secondary methods are highlighted in blue when a primary method is selected.


A user is never allowed to authenticate with a weaker secondary method than the primary method. In configurations where a less secure secondary method is enabled, it will not be presented to the user at authentication time. For example, if email code and SMS are set as primary methods with password and TOTP as secondary, a user will not be given the option of password at authentication time. Password is a weaker method than both email code and SMS and is therefore incompatible despite being enabled.

To set a secondary authentication method:

  1. Click the Log in/Sign up Flow button on the left side of the screen.
  2. Under the selected primary methods, click the Require Secondary Authentication? toggle. The compatible secondary authentication methods are highlighted in blue.
  3. Select the desired secondary methods.
  4. Click Save to save the secondary authentication methods.

When a single primary method is selected, all incompatible secondary methods are disabled.

Example user workflow

This is an example workflow for users of an organization that requires a primary and secondary authentication method.

  1. The user selects Magic Link as the primary authentication method.
  2. The user inputs their email address and a link is sent to their email.
  3. The user clicks on the link in the email.
  4. The link navigates to a page displaying the secondary methods approved by the organization that are compatible with Magic Link authentication: Social(OAuth), SMS, and TOTP.
  5. The user selects SMS, and fills out their phone number to receive a text message.
  6. A text message with a code is sent to the user's phone and the user enters the code on the authentication page.
  7. The user is authenticated and is given access to the site.

Was this article helpful?

Contact us