Skip to main content

Login flows

The login flow directs users through an authentication process before they access your service with their account.

Flow dependencies

Users can log into their accounts using a number of authentication methods.

The exact steps of the login depend on two main factors:

  • Authentication options applied by the administrator in the Management console;
  • Authentication methods the user sets up during signup and login flows.

Example case

The administrator sets up Single-factor authentication in the Management console. In this case, the user has the option to set up authentication by username (email) and password. If the administrator also allows login with social accounts, the user can also set up authentication by social accounts.

Depending on which of the authentication methods the user sets up, they are able to use it to log into their account:

  • Login with username (email) and password.
  • Login with social accounts.
  • Login with username (email) and password; and by social accounts.

Supported authentication types

The authentication methods the administrator allows in the Management console and those that the user has set up define the options available to the user during login.

Identity Cloud supports the following authentication methods:

Login flow in general

To access your application, the user needs to log in. With Identity Cloud, this means visiting the Identity Cloud login page and going through authentication.

Single-factor login flow in general

  1. Go to the Identity Cloud login page.
  2. Choose the login method:
  • Login with password: Enter username (email) and password.
  • Login with social account: Select the social identity provider and provide account verification details.

After successful verification with the chosen authentication method, the user is logged into their account with your application.

See the detailed steps of each single-factor authentication login flow under Single-factor login.

Multi-factor login flow in general

  1. Go to the Identity Cloud login page.
  2. Provide the primary authentication with the username (email) and password.
  3. On the secondary authentication page, choose the preferred authentication method and provide verification details.

After successful verification of both the primary and secondary authentication methods, the user is logged into their account with your application.

See the detailed steps of each multi-factor authentication login flow under Multi-factor login.

Login with Social providers

In case of a multi-factor login flow where a social provider is used (Google, Microsoft, Apple, Facebook) there is no need to register and use a second factor such as SMS, authenticator app and recovery codes.

Verification is done by completing the social provider's verification steps.

Passwordless login flow in general

  1. Go to the Identity Cloud login page.
  2. On the login page enter the registered email and click Continue.
  • If the user is on a device with local passkey and biometric authentication capabilities, then passkey authentication and access app authentication are offered. If the user skips these authentication methods, they are offered to authenticate using email codes.
  • If the user is not on a device with local passkey and biometric authentication capabilities, email code verification is offered by default.
  1. After successful verification, the user is logged into their account with your application.

See the detailed steps of each passwordless authentication login flow under Passwordless login