User Authentication

Password-based Authentication

• Password: Traditional authentication using a secret password.

Passwordless Authentication

• SMS: Time-based One-Time Code sent via SMS.

• Tel: Time-based One-Time Code delivered via telephone voice call.

• Email: One-time code or link sent to email.

• Authenticator App: Time-based One-Time Password (TOTP) generated by an app (e.g., Google Authenticator, Microsoft Authenticator).

• Passkeys: Cryptographic keys stored on the device.

External Identity Providers

• OIDC (OpenID Connect): Authentication via trusted third-party identity providers (e.g., Google, Microsoft, or other OIDC-compatible services) for seamless login.

Single Sign-On (SSO): Users can streamline their authentication process and access multiple applications securely with single sign-on (SSO) functionality.