Passwordless Login Page (Salesforce Community)

Passwordless Custom Login Page for Community in Salesforce, which means community users in Salesforce can login without password. What?? Passwordless Login Page ? What about security……. In Summer 18 release salesforce has provided an out of the box method to do this. This feature is called passwordless login. This feature is available for Lightning communities and Salesforce Tabs + Visualforce accessed through Lightning Experience and Salesforce Classic. Communities are available in Enterprise, Performance, Unlimited, and Developer editions. SMS verification method is in Beta when I am writing about this. You will have to connect with Salesforce support to enable SMS verification method.

The controller:
The controller code can be something like this:
global with sharing class CRMLoginController {

//Input variables
global String urn{get; set;}
public String startURL{get; set;}
public List methods;
public String error;

global CRMLoginController ()
{
startURL =’https://appstrailhead-developer-edition.na40.force.com/s/’;
// Add verification methods in priority order
methods = new List();
methods.add(Auth.VerificationMethod.SMS);
methods.add(Auth.VerificationMethod.EMAIL);
methods.add(Auth.VerificationMethod.U2F);
methods.add(Auth.VerificationMethod.SALESFORCE_AUTHENTICATOR);
methods.add(Auth.VerificationMethod.TOTP);
}

global PageReference login() {
List users = null;
// Empty input
if(urn== null || urn== ”)
{
error = ‘Enter Username’;
return null;
}

users = [select name, id, email from User where username=:urn];
system.debug(‘==users ===’+users );
if(users == null || users.isEmpty())
{
error = ‘Can\’t find a user’;
return null;
}

if (startURL == null) startURL = ‘/’;
system.debug(‘==startURL===’+startURL );
PageReference pref= Site.passwordlessLogin(users[0].id, methods, startURL);

return pref;
}
}

Visualforce page for the login screen can be something like this: (PortalLogin)

 

<apex:page id=”loginPage” controller=”CRMLoginController” title=”{!$Label.site.site_login}” showHeader=”false” applyHtmlTag=”false” applyBodyTag=”false” standardStylesheets=”false” docType=”html-5.0″>

<meta name=”viewport” content=”width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no”/>

<link href=”https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css” rel=”stylesheet” integrity=”sha384-WskhaSGFgHYWDcbwN70/dfYBj47jz9qbsMId/iRN3ewGhXQFZCSftd1LZCfmhktB” crossorigin=”anonymous”/>
<div class=”container-fluid”>
<div class=”loginpanel” style=”background:#fff;padding:100px;”>
<img src=”https://i0.wp.com/getthekt.com/wp-content/uploads/2017/03/getthektlow.png” class=”img-responsive” alt=”Responsive image” width=”300px”/>
<apex:form styleClass=”form-horizontal”>
<div class=”form-group”>
<label for=”exampleInputEmail1″>User Name</label>
<apex:inputText id=”exampleInputEmail1″ value=”{!urn}”/>
</div>
<div class=”form-group”>
<apex:commandButton action=”{!login}” value=”Login” />
</div>
</apex:form>
</div>
</div>
</apex:page>

Community Settings:
Set the page we created as login screen

portaladmin
portaladmin

Login screen where community users lands:

loginscreen

Provide user name and no password.

loginscreen userid

Verification code page

code page

You will receive the code in email enter the code here and it should land on the home page. NO PASSWORD NEEDED 🙂

logged in

Conclusion:
This is one of the method to login. We can also have other methods such as Salesforce authentication apps, SMS etc. Users are increasingly using their mobile devices to do their work. Some users, like retail customers and service reps, work solely on their mobile devices. Regardless of whether users are accessing a browser on their mobile device or desktop, remembering a password is inconvenient. External users can verify their identities with an email one-time password, Salesforce Authenticator, time-based one-time password (TOTP), or Universal 2nd Factor (U2F). Users can also verify their identities by text message (SMS), currently in beta. Hope you can use this without issues.

Keep reading and sharing ..


Comments

4 responses to “Passwordless Login Page (Salesforce Community)”

  1. Ashutosh Pradhan Avatar
    Ashutosh Pradhan

    Hi,

    It is a nice blog. but I am not able to get the verification code for community user in an email. Getting following error
    “This user doesn’t have access to this verification method”.

    1. Thanks @Ashutosh ! Did you check if you are missing any permissions ? Refer to the below link for more info. You might not have enabled the permission for the user.
      https://help.salesforce.com/articleView?id=000332387&type=1&mode=1

    2. Arvind Avatar

      Did you get the reason for this error? I am also facing the same error.

      1. Amit Sahu Avatar
        Amit Sahu

        Did you check the link I have shared with the other comment ? Mostly it’s a permission issue.

Leave a Reply

Your email address will not be published. Required fields are marked *