CRM and CX Blogs by SAP
Stay up-to-date on the latest developments and product news about intelligent customer experience and CRM technologies through blog posts from SAP experts.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password less Registration and Login process with SAP CDC – Part 3

sureshmusham
Advisor
Advisor
‎11-07-2023 6:03 PM
Welcome to the third part of the Passwordless authentication process with SAP CDC series.

This blog series mainly focuses on how we implement the passwordless authentication using SAP CDC. This is a continuation to the Part 2 which explains how to implement one of the SAP CDC passwords less authentication which is FIDO using Passkeys. Part 3 will cover the next password authentication type of SAP CDC that is Email OTP and Magic Link.

If you haven’t already, please also check out Part 1 and Part 2 of the series.

 

Part 1Phone Number Login 

Part 2FIDO Authentication (Passkey)

Part 3Email OTP and Magic Link (Current)

Part 4:  Push Authentication

 

Email OTP and Magic Link:


Other forms of password less authentication supported by SAP CDC are Email OTP and Magic Link.

The user will receive a one-time code to their email account when opted for Email OTP and a HTML link to their email when opted for Magic link authentication. On click of this link the user will be able to login to their account.

 

Pre-requisites:

  1. The use Email OTP or Magic Link type of authentication, the site policy must be set to use Email as the Login Identifier.

  2. Magic link domain should be added to the trusted URLs list in site setting in SAP CDC.

  3. Configure the Magic Link email template with the domain name.


 

 

Configuration:

  1. Enable the Authentication Type as Email OTP and Magic Link Configuration under Identity > Security > Authentication Types.

  2. Set the Landing Page URL for the Magic link. This is the link where the user will be navigated to once he clicks on the URL link sent through email. This URL should generally be the landing page of your web site.

  3. Also, you can change the Expiration of the magic link from 60seconds to 600seconds (10mins).

  4. Configure the PasswordlessLogin screenset to log in the existing user and to register a new user using Email OTP and Magic link. This can also be implemented using RegistrationLogin Screenset, but the easiest method is to link site’s login button to the PasswordlessLogin screen.

  5. On submission on the email in the passwordlessLogin screen, they will be navigated to the AuthMethods to choose between Magic Link or Email Code to proceed login.


 

 

Testing the user flow with Magic Link:

  • Login with PasswordlessLogin screen to your site, by provide the valid email. Then Submit the screen.

  • Auth Methods screen will be displayed, select Magic Link button.

    A screen will appear stating the Magic Link has been sent to your email.



  • The email will look like below

  • On click of this link, the user will be able to login to the site.


 

 

Testing the user flow with Email OTP:

  • Login with PasswordlessLogin screen to your site, by provide the valid email. Then Submit the screen.

  • Auth Methods screen will be displayed, select Email OTP button.

  • Enter the code you received in the email with subject Account VerificationOn submitting the code, you will be able to login to your site.


 

Please proceed to the final Part 4 of this blog series to know more about Push Authentication offered by SAP CDC.

 
Popular Blog Posts