SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Is there an easy way to bypass passwordless authentication for security scans? We were looking to use zap just in our development environment for security testing but wasnt sure on the best way for it to bypass auth. We were thinking we might just have to create another login page thats username/password for the zap user.

Hey. It is possible. You can directly create a session using Session.createNewSession function in a custom api on your backend

The input would be the user id for whom you want to create the session

More details on this here: https://supertokens.com/docs/session/common-customizations/sessions/new-session