Authsignal can be used not just for MFA or secondary authentication but also as the primary authentication step in your login flow.

We recommend looking up users by their login identifier (e.g. email or username) in your user DB or external IdP before tracking an action to initiate a passwordless login challenge.

Authsignal is typically not used as the primary system of record for your user data - it’s why we integrate well with other identity platforms like AWS Cognito, Azure AD B2C or Duende Identity Server.

Track action on login

Call track after looking up the user in your DB or external IdP to obtain a challenge URL.

const result = await authsignal.track({
  userId: user.id,
  action: "login",
  redirectUrl: "https://yourapp.com/callback",
});

const url = result.url;

Then follow the standard integration steps to launch the challenge URL and validate the result.

You can also implement a similar flow using Client SDKs.

Next steps