Manage Magic Links

A Magic Link allows a user to authenticate without using entering their username or password. When enabled, the user receives an email with a Magic Link that is used to authenticate. Magic Links are time-sensitive and for single use only.

When configuring Magic Link settings:

●       Magic Links can be configured as an authenticator in an authentication flow for SAML, OIDC and OAuth, and Authentication applications and the User Portal. See Configure Magic Link for users.

●       For a user to be able to use a Magic Link for authentication, Magic Link must be enabled as a second-factor authenticator in the resource rule authentication flow. See Create authentication flows.

●       Registration must be enabled to send users Magic Link for registration. See Configure user registration

●       Password Reset must be configured to send Magic Links to users for password reset. See Enable password reset.

Configure Magic Links

1.      Click > Policies > Authenticators. The Authenticators page appear.

2.      Click Magic Link. The Magic Link page appears.

3.      Select Registration Magic Link to allow administrator initiated Magic Links for registration.

4.      Select Password Reset Magic Link to allow administrator initiated Magic Links for password reset.

5.      Optional. Select Redirect Enabled to redirect a user to an allowed URL after they complete registration or password reset. This feature is disabled by default. If you enable the feature, then do the following:

a.      Click Add. The Allowed URL field appears.

b.      Enter the Allowed URL. You can add up to 20 redirect URLs. Wildcards (for example *) cannot be used in the redirect URL cannot be used customer paths or ports. The URL must be an exact match when creating the Magic Link.

Note: Redirect URLs work only for users of Administration APIs.

6.      Set the Lifetime before the Magic Link expires.

7.      Select the Default User Email Attribute to automatically send users a Magic Link.

●        If you do not select this option, you can send a Magic Link to individual users. See Set Magic Link registration for users.

●       If a user has multiple email addresses, select the one that automatically receives the Magic Link. See Create and manage user attributes to create an alternate email for a user.

8.      Click Save.

Note: If the registration process is cancelled or there is an error using the Magic Link, the redirect URL includes the outcome, for example https://example.com/?outcome=cancel.