Magic

• English

Go to website

• Can I remove Magic's branding?

  Magic gives developers full control over the UI and branding. Hide Magic's "check your email" modal To hide the default modal when a user triggers the email, just pass in showUI: false when initiating the magic login, like const did = await magic.auth.loginWithMagicLink({ email, showUI: false });. You can then show your own modal telling the user to click the email link sent to them. Customize the Magic Link Email In the Magic Dashboard, choosVery popular

• How are sessions handled with Magic

  There are different ways to handle sessions with Magic. You can either rely on Magic for session management, or rely on your own backend, which can offer more flexibility. Relying on Magic for session management When a user logs in, they create a new session that is valid for 7 days. Unless the user explicitly logs out, they won’t have to log in again for 7 days. It's possible to customize session length in the Magic dashboard. As a developer, call magic.user.isLoggedIn() to check if thVery popular

• Feature requests

  Much of our roadmap is driven by developer feedback, so if there's something you'd like to see added, let us know here: https://magic.canny.ioVery popular

• Redirect to my site after a user clicks the magic link

  The redirect URI is supported in Magic starting with magic-sdk version 2.6.0. Pass in a redirectURI parameter to loginWithMagicLink which is where the user will get redirected to after clicking the magic link. On the redirect page, call await magic.auth.loginWithCredential(); which will grab and return the DID token from the query parameters which you canVery popular

• Can I use Magic with JWT?

  Yes! You can simply use Magic for authentication, and your own JWT implementation for authorization. Here's high-level how JWT would work with Magic: User logs in with Magic, you're returned the DID token Validate the DID token in your backend with our admin-sdk magic.token.validate(did) method Call our admin-sdk method magic.user. getMetadataByToken(did) to grab the user's unique ID and email address Store that data inside a JWT token and then move forward with your JWT implemVery popular

• Can I separate login and signup?

  Of course! Magic doesn't differentiate between a new user (signup) and a returning user (login), so the same loginWithMagicLink({ email }) code will power both pages, but you can have different forms if for example you want to prompt the user for more information that you'll be storing, such as first name, last name, etc.Popular

• Sunsetting Test API keys

  Support for testnet keys ends on February 11, 2022. From Magic SDK v7.0.0, we combined testnet API key functionality into live API keys to help simplify and make the Web3 developer experience better. What’s next? You can now use live API keys for both mainnet and testnets. When transacting on testnets, specify the testnet you want in the options.network parameter when you initialize the Magic SDK. We recommend you create separate apps for test vs. production user logins.Popular

• Can I block certain emails from logging into my app?

  Magic offers an Allow list / Block list feature that allows you to limit who can access your site. You can read more in our documentation here.Few readers

• How to secure your API with Magic

  There are a couple of ways to secure your API using Magic: You can generate a DID token client-side using magic's getIdToken sdk method. Then send that in the authorization header to your API, where you'll call our validate(didToken) function on the token generated client-side. By default the tokens are valid for 15 minutes but you can pass in a lifespan parameter to set any expiration date you'd like. Manage your own sessions by issuing a cookie/JWT after a user completes a login.Few readers

• Can users change their email address?

  You can use the user property and its associated updateEmail() method to allow users to update their email address. Updating an email requires a user to be logged in (which requires they have access to their original email) but to update the email, they just confirm via an email link sent to their new email address. If somehow they completely and permanentFew readers

• Can I change my app name in the Google Login screen?

  You might notice that when logging in to your application using Google OAuth, you see this: google-signin-page Magic functions as a wrapper around the social logins you set up in your dashboard. When you initially configured social login via Google in your Magic dashboard, you copied the redirect URI, which you then pastFew readers

• RPC Error: Recipient's inbox is not configured

  If you're seeing Magic RPC Error: [-10010] Recipient's inbox is not configured to receive emails, this indicates that our SMTP provider has attempted to send a message to the given email address, but the email returned a hard bounce. To resolve this error, contact the Magic team so we can reactivate the email address.Few readers

• Can I set a custom session length with Magic?

  You now have the option to control session lengths from the Magic Dashboard! Default sessions This will allow users to remain authenticated with Magic for up to 7 days (or until they logout or browser data is cleared). Auto Refresh Enabling Auto Refresh sessions will allow users to stay authenticated with Magic for a duration of your choosing, up to 90 days (or until they logout or browser data is cleared) More information can be found in our documentation. [(link)](https://magiFew readers

• Can I add members of my team to the dashboard?

  Yes! You can work solo, or invite up to two collaborators to your team to help integrate Magic, update branding, or manage users. Manage your team from the Magic Dashboard and check out this page in our documentation for more details!Few readers

• How can I retrieve the authenticated user's mobile number with Magic?

  Customers using the Magic Admin SDK on dynamically-typed languages should receive a phone_number field as part of User metadata. These dynamically-typed languages include: Python Ruby PHP The statically-typed languages where phone_number is not yet exposed include: TypeScript GoLangFew readers

• Does calling `logout()` invalidate a DID token?

  Calling a logout function does not invalidate a DID token. A DID token is just proof that a user was authenticated, and each DID token has an expiration of 15 minutes by default. The only way for a once-valid DID token to be invalidated is for it to expire. That's why it's best to create short-lasting DID tokens when the user is logged in and re-generate them as needed (if needed) by your application. ${color}[#8a8a8a](_(see https://magic.link/docs/introduction/decentralized-id for more inFew readers

• Can Magic store custom user data?

  Magic is unable to store custom data for you and does not provide any database solution. You will still need to maintain a database containing your user's information. You can use the getMetadata method on the User module to return an object containing the issuer, email (or mobile number) and cryptographic public address of the authenticated user, and store that information in your database, along with any additionalFew readers

• My logo isn't appearing as expected

  If the image you're uploading in the Magic dashboard isn't appearing as expected in login emails, please try using an image that is no larger than 100x100 pixels.Few readers

• Can I see analytics about my users?

  You can view a list of your users in the dashboard, but specific details about those users aren't available just yet. If you'd like us to add this feature, head to https://magic.canny.io/dashboard-features/p/dashboard-analytics to let us know by upvoting the request.Few readers

• Can I export a list of my app's users?

  This is not yet supported but will be in the future!Few readers