Skip to Content

How It Works

Below I've listed the Authentication flows for the user, as well the developer/backend process.

Passcode Flow

  • Enter email and request login code

    Your Site

  • Receive email with code

    Email

  • Enter received code

    Your Site

  • Code is checked by the server

    My Backend

  • User receives credentials

    Your Site

Magic Link Flow

  • Enter email and request magic link

    Your Site

  • Receive email with magic link

    Email

  • Click link

    Email

  • Link is validated by the server

    My Backend

  • User is redirected to your site with credentials

    Your Site

Developer Process

  • Register to start creating apps

    Here

  • Create a new app in the dashboard

    Dashboard

  • Implement the appropriate API calls with your App ID.

    Your Site

  • Log in Users

    My Backend

  • Get on with building your app

    Your Site

Behind the Scenes

Want more detail? View the technical documentation

  • Receive request for login code or link

    API

  • Generate secret code or link

    Backend

  • Hash secret and save it to the cache

    Redis

  • Receive request from user with code or link

    API

  • Validate code or link and generate token

    My Backend

  • Generate refresh token and save hash to database (if enabled)

    Database

  • Send credential back to user

    API

  • Expire secret after it is used or is five minutes old

    Redis