Skip to Content

How It Works

Below I've listed the Authentication flows for the user, as well the developer/backend process.

Passcode Flow

  • Enter email and request login code

    Your Site
  • Receive email with code

    Email
  • Enter received code

    Your Site
  • Code is checked by the server

    My Backend
  • User receives credentials

    Your Site

Magic Link Flow

  • Enter email and request magic link

    Your Site
  • Receive email with magic link

    Email
  • Click link

    Email
  • Link is validated by the server

    My Backend
  • User is redirected to your site with credentials

    Your Site

Developer Process

  • Register to start creating apps

    Here
  • Create a new app in the dashboard

    Dashboard
  • Implement the appropriate API calls with your App ID.

    Your Site
  • Log in Users

    My Backend
  • Get on with building your app

    Your Site

Behind the Scenes

Want more detail? View the technical documentation
  • Receive request for login code or link

    API
  • Generate secret code or link

    Backend
  • Hash secret and save it to the cache

    Redis
  • Receive request from user with code or link

    API
  • Validate code or link and generate token

    My Backend
  • Generate refresh token and save hash to database (if enabled)

    Database
  • Send credential back to user

    API
  • Expire secret after it is used or is five minutes old

    Redis