Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > Application Security and Data Safety > Security (Access Control & Authentication) > User Logon and Authentication > OAuth and Custom Authentication > OAuth2 Authentication - Passkey, Forgot My Password, and Two-Factor Authentication Support
All docs
V24.2
.NET Framework 4.6.2+
XAF: Cross-Platform .NET App UI & Web API
.NET Support and Migration
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Security (Access Control & Authentication)
Security Tiers
User Logon and Authentication
Authentication System Architecture (Blazor)
OAuth and Custom Authentication
Use Active Directory and OAuth2 Authentication Providers in ASP.NET Core Blazor Applications
Active Directory and OAuth2 Authentication Providers in WinForms Applications
Customize Standard Authentication Behavior and Supply Additional Logon Parameters
OAuth2 Authentication - Passkey, Forgot My Password, and Two-Factor Authentication Support
OAuth2 Authentication Providers in ASP.NET Web Forms Applications
Passwords in the Security System
Customize the Logon Window Appearance And Behavior
ORM Object Model, Policy Configuration and Storage
Authorization and Data Protection
Non-XAF UI Scenarios
Security Considerations
Audit Trail (History of Data Changes)
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
Download CHM

OAuth2 Authentication - Passkey, Forgot My Password, and Two-Factor Authentication Support

  • 2 minutes to read

Your XAF Blazor or WinForms application can use external OAuth 2 authentication providers (for example, Microsoft Entra ID or Google) and their integrated capabilities such as Passkey, Forgot Password and Two-Factor Authentication. Note that these features are implemented and maintained by the providers rather then by XAF. Their availability depends only on the provider’s configuration and on the organization’s domain policies if such policies are applicable and are in use.

Details

As an example, when a user initiates a logon process through Microsoft Entra ID, the following popup window appears:

Entra ID logon form

This window displays a logon form that is common for Microsoft web-based resources with all logon options available. For example:

Two-Factor Authentication

If two-factor authentication is enabled, the logon form will prompt a user to take an additional verification step after the user enters their login ID and password. The additional step may differ depending on the two-factor authentication method used.

Entra ID - two-factor authentication

Forgot My Password

The Forgot my password action redirects the user to a password recovery page. Once the user has recovered the password, the initial logon page of the Entra ID logon form is displayed.

Entra ID - forgot password

Passkey

If a user clicks the Sign-in options button on the initial logon page, the form switches to the page with additional authentication methods. For example, the user can follow the passkey flow to log in.

Entra ID - passkey