Checking for Email Scanners

When using magic links, email services like Outlook's "Safe Links" may click links to check for malicious content, potentially invalidating the one-time authentication. The isEmailScanner condition allows detecting such scanners and adding a screen to prevent token invalidation.

Example in a flow

When a user initiates magic link authentication, any detected email scanner that clicks the link will be redirected to a screen with a button. This prevents the magic link from being invalidated, as scanners typically do not interact with buttons on web pages. If no scanner is detected, the token will be automatically verified.

Email Scanner example in a flow

Email Scanner condition

The extra screen can be anything as long as it has one button which continues on to the verification process. Here is an example of an extra screen: Email Scanner extra screen

This flow example routes the users/scanners to extra screen only when an email scanner is detected, otherwise the majority of users have no change to their user experience.

To see an example flow with isEmailScanner go to Flows-> Start from template -> Magic Link -> Enterprise B2B Magic Link

Was this helpful?

On this page