POST
/v1/auth/magiclink/verify

Verify that the magic link token in the URL clicked by the end user matches and has not expired. This endpoint completes the magic link flow for:

Next Steps

The response object will contain the user's details including the session and refresh JWTs.

See Also

  • See Magic link Authentication for details about implementing magic links.
  • See The User Object for further details on how to identify users and their contact information such as email addresses and phone number.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<Project ID\>

Try it

/v1/auth/magiclink/verify

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

tokenstring

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/auth/magiclink/verify" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <Project ID>" \
  -d '{
  "token": "string"
}'

{
  "sessionJwt": "string",
  "refreshJwt": "string",
  "cookieDomain": "string",
  "cookiePath": "string",
  "cookieMaxAge": 0,
  "cookieExpiration": 0,
  "user": {
    "loginIds": [
      "string"
    ],
    "userId": "string",
    "name": "string",
    "email": "string",
    "phone": "string",
    "verifiedEmail": true,
    "verifiedPhone": true,
    "roleNames": [
      "string"
    ],
    "userTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "externalIds": [
      "string"
    ],
    "picture": "string",
    "test": false,
    "customAttributes": {},
    "createdTime": 0,
    "TOTP": false,
    "SAML": false,
    "OAuth": {
      "property1": false,
      "property2": false
    },
    "webauthn": true,
    "password": true,
    "ssoAppIds": [
      "string"
    ],
    "givenName": "string",
    "middleName": "string",
    "familyName": "string",
    "editable": true
  },
  "firstSeen": true,
  "idpResponse": {
    "samlResponse": "string",
    "samlGeneratedUser": "string",
    "samlGeneratedRoles": "string",
    "oidcResponse": "string",
    "oidcGeneratedUser": "string",
    "oidcGeneratedRoles": "string"
  }
}

Was this helpful?