Automatic Login

The automatic login functionality, available for some authenticators, allows the user to automatically log in after some authentication management operations, without needing to provide additional information.

As an example, the HTML Forms Authenticator allows the user to log in automatically after a successful activation or password recovery, without having to provide the password again.

Automatic login is always disabled by default for all authenticators. To enable it on a specific supported authenticator, set the auto-login-enabled property to true in that authenticator’s configuration.

When automatic login is enabled for a specific authenticator, the authentication service behaves as follows:

  • After certain authenticator operations (e.g. account activation, password recovery, device registration), the success page presents a new option that allows the user to log in automatically with the user name shown.
  • When this option is selected, the user is redirected to the authenticator’s login page. There, the user is authenticated automatically without having to provide additional information.

Sometimes the automatic authentication cannot be completed immediately because there isn’t enough contextual information. This happens, for example, when a user starts an authentication flow in one browser, selects password recovery, and then completes that recovery flow in a different browser. In those cases, starting a new authentication flow in the browser where the recovery flow was completed will still perform an automatic login.

Automatic login will only happen if:

  • The authenticator’s auto-login-enabled is true.
  • The user explicitly selects that option on a user management success page (e.g. account registration, account activation, device registration).
  • The elapsed time between the successful management operation and the user selecting the automatic login option doesn’t exceed a fixed time limit, currently set to two minutes. When this limit is exceeded, the authenticator’s regular flow is used and the login does not happen automatically.

Authenticator Availability

Automatic login is available for the following authenticators:

The operations where automatic login is available are described in the specific authenticator documentation.