I am getting the following error - my magic login links were working fine last night, but now they’re not. Anyone else experiencing this?
Looks like the link is expired. Any chance this person requesting the link has a firewall that opens links? I’ve run into this issue and it turns out that was the problem
Ah, that could be… I’m using a public computer with stringent settings, so I will have to test this on my regular developer computer later. Thanks for the tip!
How did you solve the problem if it was the user’s firewall settings?
Didn’t really have a good solution
Using another email or logging in with email and password
having the exact same issue with a clients Microsoft Outlook corporate setup… works fine for me on Gmail etc. I may test an old Hotmail address and see what goes on there as its Microsoft… I am guessing there is some URL stripping/adding going on so the links break… but its hard to tell
I think outlook users on corporate setups must have some link defender thing going on that clicks all links to make sure they’re safe for the user, but in this case, it’s invalidating the magic link because it’s also been “used” aka clicked
yea, this is part of the link from my client (which is the magic link email)
.
So I believe this is the culprit… and I suspect I could have the IT team fix the blocks on the application URL, however, its also their clients who will be using it to log in and may also experience the same issue - not good for everyone.
1 Like
what I may be doing in this instance (and im still thinking it through) is using the password reset mechanism instead, but auto setting a password for each user each time. They will have the annoying step of clicking a button to continue (or modal saying they have been logged in, continue).
1 Like
ok… so I found a solution to using Magic Links with the security restrictions used by some email, security providers such as Microsoft Outlook. I dont know if this will work for everyone, so test away and I will create a separate post so it doesn’t get lost.
However, here is the crux:
Microsoft outlook corporate security must examine links and and follows them, which in turn expires the magic link token and causes the error message.
To get around this, what I did was use the magic link workflow element but tick the box to generate the link only and then send an email to the user with a link to a page - an intermediary page, with the token as a URL parameter.
I then set a delay on an action for 1 second on page load to redirect the user to the correct page with the magic link url in full.
This resolves the issue in my case and I suspect for others as the security check appear to only examine the initial link and not any javascript redirects after that - and that could change, so be aware 
Anyways, that makes me happy… no passwords.
1 Like
Could be a great solution…would you tag me in the post once you make it? I’d love to see the detail for implementing this solution.