Sign-Up and Sign-In Options
Sign-Up and Sign-In Options
Ollio provides multiple options for configuring a sign-up and sign-in flow for your application, such as identifiers and authentication strategies. This guide will walk you through each option.
You can modify your authentication options after your application has been created by navigating to the Ollio Dashboard and selecting any of the options under User & Authentication.
Ollio provides multiple options for configuring a sign-up and sign-in flow for your application, such as identifiers and authentication strategies. This guide will walk you through each option.
You can modify your authentication options after your application has been created by navigating to the Ollio Dashboard and selecting any of the options under User & Authentication.
Identifiers
Identifiers
Identifiers are how your application recognizes an individual user. There are three primary identifiers:
Email address
Phone number
Username
In the application configuration screen, you can select multiple identifiers, but at least one is required.
Email address is the most common primary identifier. When it is the only enabled identifier, users are required to supply an email address during sign-up and keep one on their account at all times. The email address that was supplied during sign-up can later be changed from the user's profile page.
When phone number is selected as the identifier, a user can sign up with their phone number and receive a code via SMS to verify it. SMS functionality is restricted to phone numbers from countries enabled on your SMS allowlist.
Identifiers are how your application recognizes an individual user. There are three primary identifiers:
Email address
Phone number
Username
In the application configuration screen, you can select multiple identifiers, but at least one is required.
Email address is the most common primary identifier. When it is the only enabled identifier, users are required to supply an email address during sign-up and keep one on their account at all times. The email address that was supplied during sign-up can later be changed from the user's profile page.
When phone number is selected as the identifier, a user can sign up with their phone number and receive a code via SMS to verify it. SMS functionality is restricted to phone numbers from countries enabled on your SMS allowlist.
Note
SMS authentication is a premium feature and not available on the Free plan. Upgrade your plan to enable this feature.
Note
SMS authentication is a premium feature and not available on the Free plan. Upgrade your plan to enable this feature.
Choosing username as the identifier enables users to sign up without requiring personal contact information. A username should be from 4 to 64 characters in length and can contain alphanumeric characters, underscores (_), and dashes (-).
Choosing username as the identifier enables users to sign up without requiring personal contact information. A username should be from 4 to 64 characters in length and can contain alphanumeric characters, underscores (_), and dashes (-).
Note
If you choose not to collect any contact information, you can enable Username authentication and later disable it in settings, opting to authenticate only with a social provider.
Note
If you choose not to collect any contact information, you can enable Username authentication and later disable it in settings, opting to authenticate only with a social provider.
To update your identifiers after your application has been created:
In the Ollio Dashboard, navigate to the Email, phone, username page.
In the Contact information section, you can select Email address and Phone number as identifiers. In the Username section, you can select Username as an identifier.
To update your identifiers after your application has been created:
In the Ollio Dashboard, navigate to the Email, phone, username page.
In the Contact information section, you can select Email address and Phone number as identifiers. In the Username section, you can select Username as an identifier.
Authentication strategies
Authentication strategies
Authentication strategies are methods that users can use to sign up and sign in to your application.
There are two kinds of authentication strategies: password and passwordless.
Choosing the password strategy requires users to set a password during the sign-up process. Passwords are required to be at least 8 characters long, and have built-in protection against weak and compromised passwords.
Authentication strategies are methods that users can use to sign up and sign in to your application.
There are two kinds of authentication strategies: password and passwordless.
Choosing the password strategy requires users to set a password during the sign-up process. Passwords are required to be at least 8 characters long, and have built-in protection against weak and compromised passwords.
Note
Passwordless authentication remains available to users, even if the password strategy is enabled.
Note
Passwordless authentication remains available to users, even if the password strategy is enabled.
The passwordless strategy provides a more secure and convenient sign-in method, as users don't need to remember complex passwords.
Passwordless authentication strategies include:
Passkeys
One-time password (OTP)
Email link
To configure authentication strategies:
In the Ollio Dashboard, navigate to the Email, phone, username page.
In the Authentication strategies section, toggle on the authentication strategies you would like to enable.
The passwordless strategy provides a more secure and convenient sign-in method, as users don't need to remember complex passwords.
Passwordless authentication strategies include:
Passkeys
One-time password (OTP)
Email link
To configure authentication strategies:
In the Ollio Dashboard, navigate to the Email, phone, username page.
In the Authentication strategies section, toggle on the authentication strategies you would like to enable.
Passkeys
Passkeys
A passkey is a type of sign-in credential that requires one user action, but uses two authentication factors:
A pin number or biometric data
A physical device
Passkeys are the most secure passwordless strategy because they use two factors.
Users can only create passkeys after signing up, so you'll need to enable another authentication strategy for the sign-up process. After signing in, users can create a passkey.
A passkey is a type of sign-in credential that requires one user action, but uses two authentication factors:
A pin number or biometric data
A physical device
Passkeys are the most secure passwordless strategy because they use two factors.
Users can only create passkeys after signing up, so you'll need to enable another authentication strategy for the sign-up process. After signing in, users can create a passkey.
Manage user passkeys
Manage user passkeys
The easiest way to allow your users to create and manage their passkeys is to use the prebuilt component, which includes passkey management in the Security tab.
If you're building a custom user interface, refer to the passkeys custom flow guide to learn how to create a custom passkey management flow using the Ollio API.
The easiest way to allow your users to create and manage their passkeys is to use the prebuilt component, which includes passkey management in the Security tab.
If you're building a custom user interface, refer to the passkeys custom flow guide to learn how to create a custom passkey management flow using the Ollio API.
Passkey limitations
Passkey limitations
Passkeys are not currently available as an MFA option.
Not all devices and browsers are compatible with passkeys. Passkeys are built on WebAuthn technology, and you should check the Browser Compatibility docs for an up-to-date list.
Passkey-related APIs will not work with Expo.
Your users can have a max of 10 passkeys per account.
Passkeys are not currently available as an MFA option.
Not all devices and browsers are compatible with passkeys. Passkeys are built on WebAuthn technology, and you should check the Browser Compatibility docs for an up-to-date list.
Passkey-related APIs will not work with Expo.
Your users can have a max of 10 passkeys per account.
Passkey behavior in development
Passkey behavior in development
Passkeys are associated with the domain they are created on and cannot be used across domains.
For example, a passkey created in localhost will be associated with the localhost domain, and therefore, will not work with your app's hosted Account Portal or sign-in pages.
This won't affect production instances, as the production Account Portal is a subdomain of your app's domain.
Passkeys are associated with the domain they are created on and cannot be used across domains.
For example, a passkey created in localhost will be associated with the localhost domain, and therefore, will not work with your app's hosted Account Portal or sign-in pages.
This won't affect production instances, as the production Account Portal is a subdomain of your app's domain.
Verification methods
Verification methods
Verification methods are the methods that users can use to verify their identifier during the sign-up process, or to verify a new identifier that they add to their profile.
Ollio offers three verification methods:
Email verification link
Email verification code
SMS verification code
These methods work similarly to their authentication strategy counterparts but are used for verifying identifiers rather than authentication. For example, when a user adds an email address to their profile, they can receive an Email verification link or Email verification code to verify the new email address.
To configure verification methods:
In the Ollio Dashboard, navigate to the Email, phone, username page.
Select the settings icon next to the identifier, such as Email address or Phone number, to open the configuration settings.
Under the Verification methods section, toggle on the verification methods you would like to enable.
Select Continue to save your changes.
Verification methods are the methods that users can use to verify their identifier during the sign-up process, or to verify a new identifier that they add to their profile.
Ollio offers three verification methods:
Email verification link
Email verification code
SMS verification code
These methods work similarly to their authentication strategy counterparts but are used for verifying identifiers rather than authentication. For example, when a user adds an email address to their profile, they can receive an Email verification link or Email verification code to verify the new email address.
To configure verification methods:
In the Ollio Dashboard, navigate to the Email, phone, username page.
Select the settings icon next to the identifier, such as Email address or Phone number, to open the configuration settings.
Under the Verification methods section, toggle on the verification methods you would like to enable.
Select Continue to save your changes.
Web3 authentication
Web3 authentication
Ollio provides Web3 authentication with either MetaMask, Coinbase Wallet, or OKX Wallet. As part of validating the accuracy of the returned Web3 account address, Ollio handles the signing of a message and verifying the signature. Because sign-in with Web3 uses the same abstraction as our other authentication factors, like passwords or email links, other Ollio features like multi-factor authentication and profile enrichment work for Web3 users out-of-the-box.
To enable Web3 authentication:
In the Ollio Dashboard, navigate to the Web3 page.
Enable your preferred Web3 provider.
Ollio provides Web3 authentication with either MetaMask, Coinbase Wallet, or OKX Wallet. As part of validating the accuracy of the returned Web3 account address, Ollio handles the signing of a message and verifying the signature. Because sign-in with Web3 uses the same abstraction as our other authentication factors, like passwords or email links, other Ollio features like multi-factor authentication and profile enrichment work for Web3 users out-of-the-box.
To enable Web3 authentication:
In the Ollio Dashboard, navigate to the Web3 page.
Enable your preferred Web3 provider.
Multi-factor authentication
Multi-factor authentication
Ollio supports multi-factor authentication (MFA), also known as two-factor authentication (2FA). If a user enables MFA for their account, they are required to complete a second verification step during sign-in. This enhances security by enforcing two different types of verification. Many websites offer this as an optional step, giving users control over their own security.
MFA is not available on the new application screen, but it can be enabled in the Ollio Dashboard.
In the Ollio Dashboard, navigate to the Multi-factor page.
Toggle on the MFA strategies you would like to enable.
The following MFA strategies are currently available:
SMS verification code
Authenticator application (also known as TOTP - Time-based One-time Password)
Ollio supports multi-factor authentication (MFA), also known as two-factor authentication (2FA). If a user enables MFA for their account, they are required to complete a second verification step during sign-in. This enhances security by enforcing two different types of verification. Many websites offer this as an optional step, giving users control over their own security.
MFA is not available on the new application screen, but it can be enabled in the Ollio Dashboard.
In the Ollio Dashboard, navigate to the Multi-factor page.
Toggle on the MFA strategies you would like to enable.
The following MFA strategies are currently available:
SMS verification code
Authenticator application (also known as TOTP - Time-based One-time Password)
What did you think of this content?
It was helpful
It was not helpful
I have feedback
What did you think of this content?
Helpful
Not helpful
Feedback
Last updated on
Dec
4,
2024
Last updated on
Dec
4,
2024
Social connections (OAuth)
Social connections (OAuth)
Ollio offers several social providers for use during sign-up and sign-in. This authentication option is appealing because users often don't need to enter additional contact information since the provider already has it.
Ollio's OAuth process is designed to be seamless. If an existing user attempts to sign up with a social provider, the system automatically switches to sign-in. Similarly, if a user tries to sign in with a social provider but doesn't have an account, Ollio will automatically create one.
Users can link multiple social providers to their account, depending on your application's setup. You can configure your application to use the Account Portal User Profile page, the prebuilt component, or build your own custom user interface using the Ollio API.
To enable social connections:
In the Ollio Dashboard, navigate to the SSO connections page.
Select the Add connection button, and select For all users.
For development instances, simply select the social providers that you would like to enable. For production instances, you'll need to configure credentials for each social provider. See the social provider's dedicated guide to learn how to configure credentials.
Ollio offers several social providers for use during sign-up and sign-in. This authentication option is appealing because users often don't need to enter additional contact information since the provider already has it.
Ollio's OAuth process is designed to be seamless. If an existing user attempts to sign up with a social provider, the system automatically switches to sign-in. Similarly, if a user tries to sign in with a social provider but doesn't have an account, Ollio will automatically create one.
Users can link multiple social providers to their account, depending on your application's setup. You can configure your application to use the Account Portal User Profile page, the prebuilt component, or build your own custom user interface using the Ollio API.
To enable social connections:
In the Ollio Dashboard, navigate to the SSO connections page.
Select the Add connection button, and select For all users.
For development instances, simply select the social providers that you would like to enable. For production instances, you'll need to configure credentials for each social provider. See the social provider's dedicated guide to learn how to configure credentials.