Authentication

Embedded Link

An embedded link is a one-time-use token that allows an existing user to authenticate without entering their credentials. Once created, the token can be included in a URL and sent to the user through channels like email, SMS, or in-app messages. When the user clicks the link, they are automatically authenticated if the token is valid and has not expired or been used.

Embedded links can also be consumed programmatically, such as in backend workflows where user context needs to be passed securely without direct user interaction. To validate an embedded link, use the magic link verification function provided by the SDK.

This guide will walk you through integrating embedded link actions into your Descope Flows. Embedded links are typically used when you want to perform tasks asynchronously with traditional sign up actions.

One notable use case is allowing users to verify their email address after the initial sign up, while already being authenticated with your application.

Flow Actions

Note

While this may enhance your user experience to authenticate faster if utilizing passwords, they will still need to verify their email address before sending a password reset via the normal methods.

This guide will cover the abovementioned use case and the use case for sending password reset via embedded link via flows.

Email Verification After Initial Sign Up

For the use case of allowing a user to verify their email after their initial signup, utilize the embedded link Update User action within your flow. For a detailed guide on how to do this, go to the page on this use case.

Password Reset

The password reset configuration is very similar to the above example for email verification; however, here, you would utilize the Sign In / Embedded Link action. This action also allows you to configure the URI and Token Expiration. For this flow path, setting the Token expiration lower makes more sense since you expect the user to interact with the email sooner than the email verification use case.

Configure embedded link sign in action for password reset within Descope flows

You would then add another send email action similarly to the above example, and then connect the actions to the applicable screens per the example below.

Configure embedded link sign in action for password reset within Descope flows

There are other embedded link use cases that you may later want to utilize within your flow. Descope has other available embedded link actions that you can utilize to update the user's phone, sign up via embedded link, or sign up via embedded link. You can find these actions by clicking the blue + sign at the top left, selecting Action, and searching for Embedded Link.

Searching for embedded link actions within Descope flows

Was this helpful?

Settings

Customize your nOTP (WhatsApp) authentication settings with Descope.

Backend SDKs

Add embedded link authentication to your application using Descope Backend SDKs. Read the detailed implementation guide with sample code.

On this page