POST
/v1/auth/magiclink/signin/email

Initiate a sign-in process by sending a magic link to an existing end user. Descope will generate and deliver a clickable magic link to the email address specified. The clickable magic link is made up of two parts - the URI you provide in the URI field and the magic link token generated by Descope. For example, if URI=https://app.mycompany.com/magiclink/verify, the clickable magic link will be https://app.mycompany.com/magiclink/verify?t=magic-link-token. Magic links expire in the time frame configured in the Descope console, so sending multiple magic links (for example, when an end user tries to sign-up a second or third time) does not invalidate prior magic links that have already been sent.

The endpoint will return a failure code if the email address is not registered.

Note that URI is an optional parameter. If omitted - the project setting will apply. If provided - it should to be part of the allowed Approved Domains configured in the project settings.

Next Steps

Verify the magic link token using the Verify Token endpoint.

See Also

  • See Magic link Authentication for details about implementing magic links.
  • See The User Object for further details on how to identify users and their contact information such as email addresses and phone number.
  • See User Login Options for further details on loginOptions.
  • Use the Sign-Up endpoint to sign-up a new end user.
  • Use the Sign-In with Auto Sign-up endpoint to create a single sign-up and sign-in flow, which will create a new end user if they are not already registered.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<Project ID\>

Try it

/v1/auth/magiclink/signin/email

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

loginIdstring

redirectUrlstring

loginOptionsobject

providerIdstring

ssoAppIdstring

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/auth/magiclink/signin/email" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <Project ID>" \
  -d '{
  "loginId": "string",
  "redirectUrl": "string",
  "loginOptions": {
    "stepup": false,
    "customClaims": {},
    "mfa": false,
    "ssoAppId": "string",
    "templateOptions": {
      "property1": "string",
      "property2": "string"
    },
    "locale": "string",
    "pkceChallenge": "string",
    "revokeOtherSessions": true
  },
  "providerId": "string",
  "ssoAppId": "string"
}'

{
  "maskedEmail": "string"
}

Was this helpful?