Incognia integrates with Auth0 by evaluating every authentication attempt passed through its platform to assess risk. The risk assessment relies on device identifiers, user-provided information, and location behavior collected by the Incognia SDK, which needs to be integrated with your mobile app to support the protection of your mobile logins.
The integration consists of a custom Auth0 Rule that gets executed and communicates with the Incognia APIs. Auth0 Rules run at the end of the authentication process and have access to request related information provided by your app.
An active Auth0 account
An Incognia account (sign up here)
A mobile app to install the Incognia SDK. The app must ask for user location permission. Foreground location permission is mandatory and background is preferred.
The address provided by the user (for Incognia Onboarding integration only)
There are two integrations available on Auth0: Onboarding and Authentication. Which one to use depends on your use case:
The Incognia Onboarding integration leverages device intelligence and location behavior to deliver precise address verification. This integration relies on the Incognia Onboarding API and is recommended for verifying new users.
The Incognia Authentication integration verifies login attempts by analyzing the location behavioral pattern of each user and matching it to their login history. Transactions initiated at unfamiliar locations will result in a higher risk score. This integration relies on Incognia Transaction API.
With this integration the authentication process can be customized to trigger or bypass MFA challenges, depending on the risk assessment.
Save the Rule
Go to the Rules Section on the Auth0 dashboard
Scroll down to the Settings section
Then proceed to set up the SDK and finish the integration: