Skip to main content
important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Only document issues with passwordless in first iteration

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:
proposed
Deciders:
rishabhpoddar, porcellus
Proposed by:
porcellus
Created:
2023-05-11

Context and Problem Statement#

Using magic links in OAuth2 has some problems with our current pwless implementation:

  • Opening the link on a separate device will not log the original tab in, stopping the user from logging in.
  • Opening the link in a new tab will cause the original tab to display a screen telling the user to close it and the new tab redirects the user back to the client.

Considered Options#

  • Provide better support by modifying the pwless recipe
  • Document the issues and provide better support in future iterations
  • Disable using passwordless in OAuth2

Decision Outcome#

Chosen option: Document the issues and provide better support in future iterations

  • No need to modify other recipes for now - we want to provide OAuth2 support ASAP
  • We want to provide proper support for this in the future
  • The user can still choose to disable this for themselves (i.e.: not use this recipe)

Pros and Cons of the Options#

Provide better support by modifying the pwless recipe#

  • Better UX
  • Requires modifying other recipes, delaying OAuth2 support

    • Document the issues and provide better support in future iterations#

  • Less work required before OAuth2 can be supported
  • Not great UX in some cases

    • Disable using passwordless in OAuth2#

  • No UX issues
  • Less work required before OAuth2 can be supported
  • The user can choose to disable this themselves
  • Not great DX
    • Looking for older versions of the documentation?
    Which UI do you use?
    Custom UI
    Pre built UI