Add Magic Link login¶
Magic link is a form of passwordless authentication. It allows users to log in by clicking a link sent to their email instead of entering a password.
Prerequisites¶
-
To get started, you need to register an application with WSO2 Identity Server. You can register your own application or use one of the sample applications provided.
-
You need to have a user account in WSO2 Identity Server. If you don't already have one, create a user account in WSO2 Identity Server.
-
You need to configure the email sending module for the WSO2 Identity Server to send the Magic link to the users.
Enable Magic link login for an app¶
Follow the steps given below to add Magic link login to the login flow of your application.
-
On the WSO2 Identity Server Console, go to Applications.
-
Select the application to which you wish to add magic link login.
-
Go to the Login Flow tab of the application and add magic link login as follows:
-
Go to Predefined Flows > Basic Flows > Add Passwordless login.
-
Select Magic Link.
-
Click Confirm to add passwordless login with magic link to the sign-in flow.
-
-
Click Update to save your changes.
Try it out¶
Follow the steps given below.
- Access the application URL.
- Click Login to open the WSO2 Identity Server login page.
-
On the WSO2 Identity Server login page, enter your username and press Continue.
You will be redirected to the below page.
-
Check your inbox for the magic link email. The email reads as follows.
-
Open the magic link by clicking the Sign In button.
Note
Magic links support cross-browser functionality, allowing you to open the link and log in from any browser of your choice even if it is different from the one you used to initiate the login process. If you want to remove the cross-browser functionality, you can do so by adding the following configuration in the
deployment.toml
file found in the {IS_HOME}/repository/conf/ directory.This configuration ensures that the magic link can only be opened using the same browser from which the login was initiated.[session.nonce.cookie] default_whitelist_authenticators=[]