Magic Links Passwordless Authentication
Magic links are a type of passwordless authentication that sends a unique login link containing a one-time code (the "magic link") to your user's email. Clicking the link allows your user to log in directly, with each link being accessible for a limited time and valid for single use only.
From a developer standpoint, the magic links process involves two main steps: requesting an email verification link and redeeming the email verification link.
Request and Redeem Magic Links Verification Email
Parameters
dns
: tenant domain as shown in the dashboardcommunityName
: tenant community as shown in the dashboardlicenseKey
: tenant license key as shown in the dashboardemailTo
: email to send a magic linkemailSubjectOrNull
: email subject line - enternull
if you wish to omitemailTemplateB64OrNull
: email template, base64 encoded (see below for example) - enternull
if you wish to omitttlSecondsOrNull
: time to live before email verification link expires - enternull
if you wish to omitcreatedBy
: Include a developer reference of who created the verification linkcode
: unique code sent to the requesting email address
Request Format
All requests are plug-and-play, not copy-paste. Please ensure that you are replacing the parameters in the request format below with the actual values for your tenant
- NodeJS
- PHP
- Java
- .NET
- Set tenant info
const BIDAccessCodes = require('blockid-nodejs-helpers/BIDAccessCodes');
const tenantInfo = {
dns: "<dns>",
communityName: "<communityName>",
licenseKey: "<licenseKey>"
}
- Set email recipient, email subject, and email template
let emailTo = '<requesting email address>';
//NOTE: Email template must have {{MAGICLINK}} variable
const emailTemplate = `Click the button below to log in to 1Kosmos Developer Experience. https://${tenantInfo.dns}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin
This link will expire in 20 minutes.`;
const emailSubjectOrNull = 'Here is your Magic Link!';
let ttlSecondsOrNull = 1;
let createdBy = null;
Your email template must include the {{MAGICLINK}}
variable as shown above to receive a valid magic link
- base64-encode the email template
const emailTemplateB64OrNull = emailTemplate ? Buffer.from(emailTemplate).toString('base64') : null;
- Trigger and send the email containing the magic link:
const requestEmailVerificationResponse = await BIDAccessCodes.requestEmailVerificationLink(tenantInfo, emailTo, emailTemplateB64OrNull, emailSubjectOrNull, createdBy, ttlSecondsOrNull);
- Call function to verify and redeem magic links code
const redeemVerificationCodeResponse = await BIDAccessCodes.verifyAndRedeemEmailVerificationCode(tenantInfo, requestEmailVerificationResponse.code);
- Return verification code response
return redeemVerificationCodeResponse
- Set tenant info
<?php
require_once("./BIDTenant.php");
require_once("./BIDAccessCodes.php");
$tenantInfo = array("dns" => "<dns>", "communityName" => "<communityName>", "licenseKey" => "<licenseKey>");
- Set email recipient, email subject, and email template
$emailTo = "<recipient email>";
$emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://" . $tenantInfo["dns"] . "/devportal/demo?code={{MAGICLINK}} This link will expire in 20 minutes.";
$emailSubjectOrNull = "Here is your Magic Link!";
$createdBy = "devx";
$ttl_seconds_or_null = NULL;
- Base64-encode the email template
$emailTemplateB64OrNull = base64_encode($emailTemplate);
- Trigger and send the email containing the magic link
$requestEmailVerificationResponse = BIDAccessCode::requestEmailVerificationLink($tenantInfo, $emailTo, $emailTemplateB64OrNull, $emailSubjectOrNull, $createdBy, $ttl_seconds_or_null);
- Verify and redeem magic links code
$redeemVerificationCodeResponse = BIDAccessCode::verifyAndRedeemEmailVerificationCode($tenantInfo, $requestEmailVerificationResponse["code"]);
?>
- Set tenant info
BIDTenantInfo tenantInfo = new BIDTenantInfo("<dns>", "<communityName>", "<licenseKey>");
- Set email recipient, email subject, and email template
String emailTo = "<recipient email>";
String emailSubjectOrNull = "Here is your Magic Link!";
String ttl_seconds_or_null = null;
String createdBy = null;
String emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://${tenantdomain.com}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin This link will expire in 20 minutes.";
Your email template must include the {{MAGICLINK}}
variable as shown above to receive a valid magic link
- Base64-encode the email template
import org.apache.commons.codec.binary.Base64;
byte[] byteData = Base64.encodeBase64(emailTemplate.getBytes());
String emailTemplateB64OrNull = new String(byteData);
- Trigger and send the email containing the magic link:
BIDRequestEmailVerificationLinkResponse requestEmailVerificationResponse = BIDAccessCodes.requestEmailVerificationLink(tenantInfo, "<emailTo>", "<emailTemplateB64OrNull>", "<emailSubjectOrNull>", "<ttlSecondsOrNull>");
- Call function to verify and redeem magic links code
BIDAccessCodeResponse redeemVerificationCodeResponse = BIDAccessCodes.verifyAndRedeemEmailVerificationCode(tenantInfo, "<code>");
- Set tenant info
using BIDHelpers.BIDTenant.Model;
using BIDHelpers.BIDAccessCodes;
BIDTenantInfo bidTenantInfo = new BIDTenantInfo("<dns>", "<communityName>", "<licenseKey>");
- Set email recipient, email subject, and email template
string emailTo = "<recipient email>";
string emailSubjectOrNull = "Here is your Magic Link!";
string ttl_seconds_or_null = null;
string createdBy = null;
string emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://${tenantdomain.com}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin This link will expire in 20 minutes.";
Your email template must include the {{MAGICLINK}}
variable as shown above to receive a valid magic link
- Base64-encode the email template
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(emailTemplate );
String base64emailTemplate = System.Convert.ToBase64String(plainTextBytes);
- Trigger and send the email containing the magic link:
var requestEmailVerificationResponse = BIDAccessCodes.RequestEmailVerificationLink(bidTenantInfo, "<emailTo>", "<emailTemplateB64OrNull>", "<emailSubjectOrNull>", "<createdBy>", "<ttl_seconds_or_null>");
- Call function to verify and redeem magic links code
var fetchAccessCode = BIDAccessCodes.VerifyAndRedeemEmailVerificationCode(bidTenantInfo, "<requestEmailVerificationResponse.code>");
Example Request
Dummy information is provided in this example
- NodeJS
- PHP
- Java
- .NET
const BIDAccessCodes = require('blockid-nodejs-helpers/BIDAccessCodes');
// Define tenant DNS, community name, and license key.
const tenantInfo = {
dns: 'blockid-trial.1kosmos.net',
communityName: 'default',
licenseKey: "14cd5e85-a422-442a-9a8c-000000000000"
}
let emailTo = 'tom.smith@company.com'; // Requesting email address
//NOTE: Email template must have {{MAGICLINK}} variable
const emailTemplate = `Click the button below to log in to 1Kosmos Developer Experience. https://${tenantInfo.dns}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin
This link will expire in 20 minutes.`;
const emailSubjectOrNull = 'Here is your Magic Link!';
let ttlSecondsOrNull = 1;
let createdBy = null;
async function testMagicLink(emailTo, emailTemplate, emailSubjectOrNull, ttlSecondsOrNull=1) {
const emailTemplateB64OrNull = emailTemplate ? Buffer.from(emailTemplate).toString('base64') : null;
const requestEmailVerificationResponse = await BIDAccessCodes.requestEmailVerificationLink(tenantInfo, emailTo, emailTemplateB64OrNull, emailSubjectOrNull, createdBy, ttlSecondsOrNull);
const redeemVerificationCodeResponse = await BIDAccessCodes.verifyAndRedeemEmailVerificationCode(tenantInfo, requestEmailVerificationResponse.code);
return redeemVerificationCodeResponse
}
testMagicLink(emailTo, emailTemplate, emailSubjectOrNull, ttlSecondsOrNull).then(response => {
console.log('Magic Link output::', response);
})
<!-- Request Email verification link -->
<?php
require_once("./BIDTenant.php");
require_once("./BIDAccessCodes.php");
$tenantInfo = array("dns" => "blockid-trial.1kosmos.net", "communityName" => "devx", "licenseKey" => "14cd5e85-a422-442a-9a8c-000000000000");
$emailTo = "john.doe@company.com";
$emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://" . $tenantInfo["dns"] . "/devportal/demo?code={{MAGICLINK}} This link will expire in 20 minutes.";
$emailSubjectOrNull = "Here is your Magic Link!";
$createdBy = "devx";
$ttl_seconds_or_null = NULL;
$emailTemplateB64OrNull = base64_encode($emailTemplate);
$requestEmailVerificationResponse = BIDAccessCode::requestEmailVerificationLink($tenantInfo, $emailTo, $emailTemplateB64OrNull, $emailSubjectOrNull, $createdBy, $ttl_seconds_or_null);
<!-- Verify and Redeem Email verification link -->
$redeemVerificationCodeResponse = BIDAccessCode::verifyAndRedeemEmailVerificationCode($tenantInfo, $requestEmailVerificationResponse["code"]);
?>
// Set tenant info and import libraries
import org.apache.commons.codec.binary.Base64;
BIDTenantInfo tenantInfo = new BIDTenantInfo("blockid-trial.1kosmos.net", "default", "14cd5e85-a422-442a-9a8c-000000000000");
// Set email recipient, email subject, and email template
String emailTo = "john.doe@company.com"; // Requesting email address
String emailSubjectOrNull = "Here is your Magic Link!";
String ttlSecondsOrNull = null;
String createdBy = null;
//NOTE: Email template must have {{MAGICLINK}} variable
String emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://${blockid-trial.1kosmos.net}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin This link will expire in 20 minutes.";
// Base64 encode the email template
byte[] byteData = Base64.encodeBase64(emailTemplate.getBytes());
String emailTemplateB64OrNull = new String(byteData);
// Trigger and send the email containing the magic link
BIDRequestEmailVerificationLinkResponse requestEmailVerificationResponse = BIDAccessCodes.requestEmailVerificationLink(tenantInfo, emailTo, emailTemplateB64OrNull, emailSubjectOrNull, ttlSecondsOrNull);
// Call function to verify and redeem magic links code
BIDAccessCodeResponse redeemVerificationCodeResponse = BIDAccessCodes.verifyAndRedeemEmailVerificationCode(tenantInfo, requestEmailVerificationResponse.code);
// Set tenant info and import libraries
using BIDHelpers.BIDTenant.Model;
using BIDHelpers.BIDAccessCodes;
BIDTenantInfo bidTenantInfo = new BIDTenantInfo("blockid-trial.1kosmos.net", "devx", "b65b22ec-181a-4b7f-8116-6eee20000000");
// Set email recipient, email subject, and email template
string emailTo = "john.doe@company.com"; // Requesting email address
string emailSubjectOrNull = "Here is your Magic Link!";
string ttl_seconds_or_null = null;
string createdBy = "6ad29543-bf72-466d-ade9-51f4b36330000";
//NOTE: Email template must have {{MAGICLINK}} variable
string emailTemplate = "Click the button below to log in to 1Kosmos Developer Experience. https://${blockid-trial.1kosmos.net}/devportal/demo?code={{MAGICLINK}}&tab=magiclinks&type=user_signin This link will expire in 20 minutes.";
// Base64 encode the email template
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(emailTemplate);
string base64emailTemplate = System.Convert.ToBase64String(plainTextBytes);
// Trigger and send the email containing the magic link
var requestEmailVerificationResponse = BIDAccessCodes.RequestEmailVerificationLink(bidTenantInfo, emailTo, base64emailTemplate, emailSubjectOrNull, createdBy, ttl_seconds_or_null);
// Call function to verify and redeem magic links code
var fetchAccessCode = BIDAccessCodes.VerifyAndRedeemEmailVerificationCode(bidTenantInfo, requestEmailVerificationResponse.code);
Server Responses
Request Email Verification
- 200
{
"emailResult": {
"status": true,
"statusCode": 200,
"message": "https://blockid-trial.1kosmos.net/acr",
"error": null,
"gatewayId": "619cd2d01f74af757bb00000",
"gatewayName": "Default Email Gateway",
"resultId": "32d36f7f-ea59-4ad2-9235-d847cc700000",
"messageId": "fecf1e76-5851-42f0-9b9a-172b4f400000",
"ts": 1656480123
},
"link": "2927269a-deba-4f48-ba8c-9d6ee7900000",
"code": "2927269a-deba-4f48-ba8c-9d6ee7900000",
"statusCode": 200
}
The verification request email was accepted, and a magic link code was generated.
Verify and Redeem Email Verification
- 200
- 429
- 410
{
"message": "redeemed",
"ttl_seconds": 14400,
"type": "verification_link",
"phoneRequired": false,
"uuid": "2927269a-deba-4f48-ba8c-000000000000",
"ttl": 0,
"tenantId": "5f3d8d0cd866fa6100000000",
"createdTime": 1656480123,
"id": "62bbe17b5e3e7a5300000000",
"communityId": "5f3d8d0cd866fa6100000000",
"accesscodepayload": {
"otp_email": "tom.smith@company.com",
"authType": "none",
"invite_email": "tom.smith@companyy.com"
},
"status": "redeemed",
"statusCode": 200
}
Magic links code was successfully redeemed by the requesting email.
{
"message": "Some exception occured while processing the request ((E.Acr.fac.L244)). Code Already Redeemed",
"statusCode": 429
}
The magic links code was redeemed previously.
{
"message": "Some exception occurred while processing the request ((E.Acr.fac.L244)). Code already expired,
"statusCode": 410
}
The magic links code has expired.