Blog

Enhance Customer’s Experience with Passwordless Login

Salesforce passwordless login Use Case :

Remembering the usernames and passwords of experience sites can be frustrating for customers and lead to decreased engagement. To simplify the process, configure a passwordless login. This method allows customers to log in, sign up, and verify their identity without needing passwords, enhancing both accessibility and security. In this blog, we’ll explore the benefits of passwordless login and how to implement it to improve user experience.

Passwordless Login

Customer Registration :

  • Customers sign up with their email address or phone number.
  • Salesforce sends a verification code to the provided contact method.
  • Users enter the verification code in Salesforce to complete their registration.

Customer Login :

  • Each time users log in, Salesforce sends them a verification code.
  • Users enter the verification code instead of a password to access their account.

Note : We can also enable this for existing customer portal users as long as their email address and mobile are verified by Salesforce.

Setting Up Passwordless Login :

Considerations :

To set up passwordless login using text/SMS, you’ll need ‘Salesforce Identity Licenses’ along with Identity Verification Credits, which are required to send verification SMS messages.

Customers using mobile-first identity receive email verification for free. Additionally, you can offer mobile verification via text message for an extra cost. SMS messaging requires the Identity Verification Credits Add-On License. Purchasing this license provides your organization with a set number of SMS messages for mobile identity verification.

Create a Custom Login Discovery Page :

1. Go to Setup and search for All Sites.
2. Click Workspaces next to your site name.

3. In Workspaces, select Administration and then Login & Registration.
4. Under Login Page Setup, choose Login Discovery Page.
5. Customise the login prompt text (e.g., “Email Address or Phone Number”) using a custom label if needed.

Configure the Login Discovery Handler :

  1. Leave the Login Discovery Handler field blank and click Create a Login Discovery Handler. Salesforce will auto-generate the Apex handler.
    Note : The auto generated apex class starts with the name ‘AutocreatedDiscLoginHandler’ followed by a few digits and this can be customised as per our requirements.
  2. For Execute Login As, select a Salesforce admin with the Manage Users permission. This user will be associated with the handler’s operations.
  3. Deselect Allow employees to log in directly to the site if selected. The Login Discovery Page does not support direct login for org employees, but you can redirect them to an Identity Provider (IdP).

Registration Page Configuration :

  1. Enable ‘Allow customers and partners to self-register’.
  2. For ‘Registration Page Type’  choose ‘Configurable Self-Reg Page’, this option provides you with more options to customize the page and how we want to handle the registration.
  3. For ‘User Fields’ select the ones that you want to collect from the user on registration.
  4. Leave the Configurable Self-Reg Handler field blank and click Create a Configurable Self-Reg Handler. Salesforce will auto-generate the Apex handler.
    Note : The auto generated apex class starts with the name  AutocreatedConfigSelfReg followed by a few digits and this can be customised as per our requirements.
  5. For Execute Login As, select a Salesforce admin with the Manage Users permission. This user will be associated with the handler’s operations.
  6. For the verification method choose the one you need(Email/ Text message).
  7. (Optional)For Assign users to a profile and account, you could choose the default profile and account that the user will be assigned to.
  8. Leave the rest of the fields as it is.
  9. Now click on the Save button.

By following these steps, you can implement passwordless login in Salesforce, making it easier for users to sign up and log in without the hassle of remembering passwords. This not only simplifies the user experience but also enhances security by relying on verification codes.

Additional informations :

  • When a user makes an error while attempting to log in to your site, the Apex handler will show a generic error message. However, you can personalize the error message displayed on the login page by using the `Auth.DiscoveryCustomErrorException` exception.
    For example, throw new Auth.DiscoveryCustomErrorException(‘Custom error message defined by the admin user.’).
  • Instead of entering the custom error message in the Apex class, you can also create the error message as a custom label(up to 200 characters).
    For example, throw new Auth.
    DiscoveryCustomErrorException(Label.CustomError)
  • With VF sites you get the default branding options to reflect your brand but with LWR we need to custom build the login page.

Demo :

Click on the Sign Up

Provide your email address and click on Sign Up button. You will receive the invitation email for the site.

Now enter the email address that was provided for signing up and click on Log In, you will receive an email with a verification code like below :

Enter the verification code you received and click on Verify. You will be navigated to your site.

Please make use of the below salesforce links for more information on Identity verification licenses and to customise the login discovery handler :

https://help.salesforce.com/s/articleView?id=sf.identity_licenses.htm&type=5

https://help.salesforce.com/s/articleView?id=sf.external_identity_passwordless_login_customize_discovery_handler.htm&type=5

https://developer.salesforce.com/docs/atlas.en-us.apexref.meta/apexref/apex_class_System_UserManagement.htm#unique_514257829