Checking for Email Scanners
When using magic links, email services like Outlook's "Safe Links" may click links to check for malicious content, potentially invalidating the one-time authentication. The isEmailScanner
condition allows detecting such scanners and adding a screen to prevent token invalidation.
Example in a flow
When a user initiates magic link authentication, any detected email scanner that clicks the link will be redirected to a screen with a button. This prevents the magic link from being invalidated, as scanners typically do not interact with buttons on web pages. If no scanner is detected, the token will be automatically verified.
The extra screen can be anything as long as it has one button which continues on to the verification process. Here is an example of an extra screen:
This flow example routes the users/scanners to extra screen only when an email scanner is detected, otherwise the majority of users have no change to their user experience.
To see an example flow with isEmailScanner
go to Flows-> Start from template -> Magic Link -> Enterprise B2B Magic Link