[New Feature] Magic login link workflow action

This is still happening on my end on multiple apps by the way @Bubble @grace.hong :wink:

Hi all! Quick update, we have released a patch to the Magic Links Feature that should account for about 90% of spam filters eating clicks. We are looking into additional ways to handle the remaining edge cases, but please let me know if you are still seeing this issue or if it seems to be better in the mean time. Thanks!

Agreed, this would be very cool :slight_smile:

I am still having this issue with my app. Links are being opened automatically by my clients email software and expiring the link before the user is able to click them.

Is there a work around or a way to stop the link expiring after first use?

This is unfortunate. We might have to explore other options like removing the one click limit all together, or setting a higher limit. Will keep this thread up to date.

End users can also specifically allow the magic link email address to their inbox provider’s allowlist to get around the security checks.

Hi @nick.carroll is there any way to set the “keep user logged in” feature after logging in with a magic link?

Noting this feature request!

3 Likes

Hi @nick.carroll

For some reason, the ‘Magic Link’ doesnt work if it has been sent out from ‘Backend workflows’. Any reason why or am i missing something?

Thanks!

I’m trying to pass the magic link on to Segment using the Result of step N action. However, the workflow doesn’t seem to produce a link — Segment is receiving the other parameters I’m passing along but not the magic link.

Is there a known bug with the ‘Just create link, don’t send email’ option?

1 Like

Right now even without that option I assume that it would keep the user logged in indefinitely right, @nick.carroll ?

Let me double check today’s behavior

1 Like

I’ve found an issue with the user experience on mobile with the magic link,

When ever the user visits my web-app and requests a magic link to login, when he/she clicks the link within the email, by default, the email app opens the link inside the email app’s browser and not in the phone’s browser (Safari, Chrome or any other stand-alone browser). This way, cookies are never stored in Chrome or Safari, and the user needs to request a magic link every time they want to access the web-app.

Is there a way to force the link to be opened directly in a browser and not within a mail app’s browser?

In that sense, if the above can’t be achieved, the Keep logged in behavior will not change the user experience at all.

1 Like

I’m experiencing the same issue.

I noticed Spotify using this option, and have used it a few times. SUPER helpful when you don’t have time to get into changing a password, and need access to an app asap. Thank you fro implementing this!

I got it to work by creating another user field for ‘magiclink’ which updates in the workflow using Make Changes to a User.

Send Magic Link (don’t send email)
Make Changes to User’s magic link = Result of Send Magic Link step
Track Event with Segment - magic link = Result of Make Changes to User step

1 Like

Hi @nick.carroll just following up on this to see if you have an update, thanks!

Hi! I think the default behavior is to log out quite quickly. I’m using magic links and my users are complaining they get logged out quickly (after a day or two). This is super annoying for them, and I can’t really find a way to fix this. Do you have any recommendations @nick.carroll ?

Also curious what the best practice is to use magic links for signing users up (e.g. create accounts). Better to use ‘Create account for someone else’ or to create a new user and set a random password?

1 Like

Thanks @Jake_c for the info! It’s a little perplexing to be honest because right now I actually use Assign a temporary password to a user to log them in in kind of a janky weird way that I’m looking to replace with magic links, and for assign a temporary password to a user the user stays logged in persistently. That’s kind of counterintuitive since the word “Temporary” is in the title of that action, but I understand it’s related to the password value itself and not necessarily the state of their login. I’d like to believe that a magic login link keeps the user logged in indefinititely and is a step up above assign a temporary password to a user but it sounds like from your post it is not.

You are sure its the persistance of their logged in state itself being temporary and not the usability of the link, i.e. if a user does not act upon the magic login link within 24-48 hours it becomes dead and they have to send themselves another one?

Hi @jonathan.timianko , sorry for the delay in replying, yep it’s the persistence of the login state rather than the longevity of the login link itself (which is only 10 mins atm for us).