container: HTMLElement|id,
  auth: object,
  // Optional arguments
  allowLogin: boolean,
  allowWebAuthnLogin: boolean,
  allowSignup: boolean,
  allowForgotPassword: boolean,
  initialScreen: boolean,
  signupFields: string[]|object[],
  socialProviders: string[],
  showLabels: boolean,
  showRememberMe: boolean,
  canShowPassword: boolean,
  displaySafeErrorMessage: boolean,
  countryCode: string,
  onReady: function,
  theme: object,
  i18n: object,


Show the authentication widget with signup, login, and forgot password forms.

  • The Raas feature must be enabled on your ReachFive Console account.

  • The SMS feature must be enabled on your ReachFive Console account if the profile can choose his phone number to login.

  • The WebAuthn feature must be enabled on your ReachFive Console account if the profile can choose to login with biometrics.


// The SMS feature is disabled on the ReachFive account
    container: 'auth-container',
    auth: {
      redirectUri: ''
    allowForgotPassword: false,
    initialScreen: 'login',
    signupFields: [
      { key: 'given_name', label: 'Given name', required: false },
      { key: 'family_name', label: 'Family name', required: false },
    socialProviders: ['facebook', 'google'],
    showLabels: true,
    showRememberMe: true,
    countryCode: 'US',
    onReady: instance => {
      // Destroy the widget
      // if (...) instance.destroy()
    theme: {
      primaryColor: '#274890',
      borderRadius: '25',
      socialButton: {
        inline: true
    i18n: {
      email: 'Email'



showAuth signup

Signup with custom password policy

Set password constraints in the ReachFive Console (Settings  Security  Password policy).

showAuth signup custom rules


showAuth login

Login with biometric

showAuth login with biometric

Forgot Password

showAuth forgotpassword


container HTMLElement |id

The DOM element or the id of a DOM element in which the widget should be embedded.

auth object

List of authentication options

responseType string

Should be set to code for server-side authentication, and token for client-side authentication.

Defaults to code when redirectUri is provided, and to token otherwise. For messenger account linking, responseType should be set to messenger_code.

redirectUri string

The URL where the user will be redirected back to after authentication.

This value is required with code response type and defaults to the current page with token response type. For messenger account linking, redirectUri should be set with the redirect_uri query param provided by Facebook on URL.

state string

Persist data between user being directed to the authorization server and back again.

Use case: help mitigate CSRF attacks or indicating which app’s pages to redirect to after authorization. Could be Base64 encoded JSON object, JWT or nonce.

prompt string

Specify whether social provider must prompt for reauthentication or consent.

The defined values are:

  • none: no authentication nor consent. The user must be already authenticated in social provider.

  • login: the social provider must prompt the user for reauthentication.

  • consent: the social provider must prompt for consent.

nonce string

String value used to associate a local session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified to the ID Token.

popupMode boolean

Whether to use popup mode.

Defaults to false.

This mode is not recommended due to known bugs in Android or Firefox in iOS.

origin string

Free text parameter describing the source of the login (only for reporting purpose).

scope string[]

The list of the profile’s scopes. Make sure they are allowed by the client.

Optional if the fetchBasicProfile option is set to true and default scopes are the allowed scopes set up in the client’s configuration.

fetchBasicProfile boolean

Fetch user’s basic profile information when they sign in. Adds profile, email, phone and openid to the requested scopes.

Defaults to true.

accessToken string

Access token of the current user. Enables social login linking to an existing account.

providerScope string

Whitespace separated list of scopes that you want to request from the social provider.

Defaults to scope configured in your ReachFive’s console.

Only for login with social provider.

requireRefreshToken boolean

If set to true, an OAuth 2.0 Refresh Token will be present in the token response.

Defaults to false.

Settings this parameter to true is equivalent to adding the OpenID’s offline_access scope value to the requested scopes.

Only accessible if your Client’s authorization method is POST, and if the Refresh Token option is selected.

allowLogin boolean

Whether login is enabled.

Defaults to true.

allowWebAuthnLogin boolean

Whether biometric login is enabled.

Defaults to false.

allowSignup boolean

Whether the signup is enabled.

Defaults to true.

allowForgotPassword boolean

Whether forgot password is enabled.

Defaults to true.

However, if the allowLogin and allowSignup properties are set to false, the forgot password feature will still be enabled, even if allowForgotPassword is set to false.

initialScreen string

The widget initial screen.

Possible values: login, login-with-web-authn, signup or forgot-password.

Defaults to:

  • if allowLogin is set to true, defaults to login.

  • if allowLogin is set to false and allowSignup is set to true, defaults to signup.

  • if allowLogin is set to false and allowWebAuthnLogin is set to true, defaults to login-with-web-authn.

  • otherwise, defaults to forgot-password.

signupFields string

List of the signup fields to display in the form.

Defaults to ['given_name', 'family_name', 'email', 'password', 'password_confirmation'].

A field is either a string representing the field’s key (predefined, custom field or consent) or an object with attributes overloading default field configuration.

Predefined fields:

  • Given name: given_name

  • Family name: family_name

  • Email address: email

  • Phone number: phone_number (both the international format and the national conventions of the account’s country are accepted if configured in your account settings)

  • Password: password

  • Password confirmation: password_confirmation

  • Gender: gender

  • Birthdate: birthdate

  • Custom field: custom_fields.<custom_field_key>

  • Consent: consents.<consent_key> (the Consents feature must be enabled)

All the predefined fields are required.

socialProviders string[]

List of the available social providers.

Defaults to all configured providers in your account settings.

showLabels boolean

Whether the signup form fields' labels are displayed on the login view.

Defaults to false.

showRememberMe boolean

Whether the Remember me checkbox is displayed on the login view. Affects user session duration.

The account session duration configured in the ReachFive Console (Settings  SSO) applies when:

  • The checkbox is hidden from the user

  • The checkbox is visible and selected by the user

If the checkbox is visible and not selected by the user, the default session duration of 1 day applies.

Defaults to false.

canShowPassword boolean

Whether or not to provide the display password in clear text option.

Defaults to false.

displaySafeErrorMessage boolean

Whether or not to display a safe error message on password reset, given an invalid email address. This mode ensures not to leak email addresses registered to the platform.

Defaults to false.

countryCode string

The ISO country code useful to format phone numbers.

Defaults to the predefined country code in your account settings or FR.

onReady function

Callback function called after the widget has been successfully loaded and rendered inside the container. The callback is called with the widget instance.

theme object

The options to set up to customize the appearance of the widget.

primaryColor string

The button and link default color.

Default to #229955.

borderRadius string

The radius of the social login button and other input. Can be used to make circle social login button with inline used.

Default to 3.

socialButton object

Social button theming options.

i18n object

Widget labels and error messages to override. Falls back to the default wordings in en, fr, es, it and nl. For example, you might re-word the socialAccounts.linkNewAccount or change the way other wordings display to the user while leaving the remaining text on the widget intact.