Email magic link
Start email magic link enrollment
POST https://api.authsignal.com/v1/client/user-authenticators/email-magic-link
Use this endpoint to start a challenge to enroll a new email magic link authenticator for a given email.
Request
emailstring
The user's email address.
Response
userAuthenticatorIdstring
The ID of the email authenticator which has been created but not yet verified.
challengeIdstring
The ID of the challenge. Pass this ID back to check if the user has clicked on the magic link and finalize the challenge.
Start email magic link challenge
Use this endpoint to start a challenge when the user is already enrolled with at least one email magic link authenticator.
POST https://api.authsignal.com/v1/client/challenge/email-magic-link
Request
userAuthenticatorIdstring | undefined
The ID of the email authenticator to use. Only required if the user has multiple email authenticators and you want to target a specific one.
Response
challengeIdstring
The ID of the challenge. Pass this ID back to check if the user has clicked on the magic link and finalize the challenge.
Finalize email magic link challenge
POST https://api.authsignal.com/v1/client/verify/email-magic-link/finalize
The email magic link challenge is verified when the user clicks on the link sent to their email. Use this endpoint to finalize the challenge, checking if the user has clicked on the magic link (e.g. via polling).
Request
challengeIdstring
The ID obtained when starting the challenge.
Response
isVerifiedboolean
True if the email magic link was clicked by the user.
accessTokenstring | undefined
A new short-term token with scopes to manage authenticators (e.g. add secondary authenticators, remove authenticators, view or regenerate recovery codes). Only present if the challenge succeeded.