> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Finalize Email Magic Link Challenge

> The email magic link challenge is verified when the user clicks on the link sent to their email. Use this endpoint to finalize the challenge, checking if the user has clicked on the magic link (e.g. via polling).



## OpenAPI

````yaml client-api POST /verify/email-magic-link/finalize
openapi: 3.0.0
info:
  description: Authsignal's Client API.
  version: 1.0.0
  title: Client API
  termsOfService: https://www.authsignal.com/legal/terms-of-service
  contact:
    email: hello@authsignal.com
servers:
  - url: https://api.authsignal.com/v1/client
  - url: https://au.api.authsignal.com/v1/client
  - url: https://eu.api.authsignal.com/v1/client
  - url: https://ca.api.authsignal.com/v1/client
security:
  - bearerAuth: []
tags:
  - name: User authenticators
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: SMS
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: WhatsApp
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: Email Magic Link
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: Email OTP
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: Authenticator App
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: Passkeys
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
externalDocs:
  description: Find out more about Authsignal
  url: https://docs.authsignal.com
paths:
  /verify/email-magic-link/finalize:
    post:
      tags:
        - Email Magic Link
      summary: Finalize Email Magic Link Challenge
      description: >-
        The email magic link challenge is verified when the user clicks on the
        link sent to their email. Use this endpoint to finalize the challenge,
        checking if the user has clicked on the magic link (e.g. via polling).
      operationId: finalizeEmailMagicLinkChallenge
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                challengeId:
                  type: string
                  description: The ID obtained when starting the challenge.
              required:
                - challengeId
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
                properties:
                  isVerified:
                    type: boolean
                    description: True if the email magic link was clicked by the user.
                  accessToken:
                    type: string
                    description: >-
                      A new short-term token with scopes to manage
                      authenticators (e.g. add secondary authenticators, remove
                      authenticators, view or regenerate recovery codes). Only
                      present if the challenge succeeded.
        '400':
          $ref: '#/components/responses/InvalidRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  responses:
    InvalidRequest:
      description: Invalid Request
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Unauthorized
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorWithCode'
    NotFound:
      description: Not Found
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
      properties:
        error:
          type: string
        errorDescription:
          type: string
      required:
        - error
    ErrorWithCode:
      type: object
      properties:
        error:
          type: string
        errorDescription:
          type: string
        errorCode:
          type: string
      required:
        - error
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        Use a short-lived token obtained from the Server API's Track Action
        endpoint. The token is valid for 10 minutes and should be passed in the
        Authorization header as 'Bearer {token}'.

````