Email magic link

Start email magic link enrollment

POST https://api.authsignal.com/v1/client/user-authenticators/email-magic-link

Use this endpoint to start a challenge to enroll a new email magic link authenticator for a given email.

Request

• emailstring

  The user's email address.

Response

• userAuthenticatorIdstring

  The ID of the email authenticator which has been created but not yet verified.

• challengeIdstring

  The ID of the challenge. Pass this ID back to check if the user has clicked on the magic link and finalize the challenge.

Start email magic link challenge

Use this endpoint to start a challenge when the user is already enrolled with at least one email magic link authenticator.

POST https://api.authsignal.com/v1/client/challenge/email-magic-link

Request

• userAuthenticatorIdstring | undefined

  The ID of the email authenticator to use. Only required if the user has multiple email authenticators and you want to target a specific one.

Response

• challengeIdstring

  The ID of the challenge. Pass this ID back to check if the user has clicked on the magic link and finalize the challenge.

Finalize email magic link challenge

POST https://api.authsignal.com/v1/client/verify/email-magic-link/finalize

The email magic link challenge is verified when the user clicks on the link sent to their email. Use this endpoint to finalize the challenge, checking if the user has clicked on the magic link (e.g. via polling).

Request

• challengeIdstring

  The ID obtained when starting the challenge.

Response

• isVerifiedboolean

  True if the email magic link was clicked by the user.

• accessTokenstring | undefined

  A new short-term token with scopes to manage authenticators (e.g. add secondary authenticators, remove authenticators, view or regenerate recovery codes). Only present if the challenge succeeded.