# Magic Links Magic Links let users sign in without a password. Instead of entering credentials, they receive a one-time login link via email. ## How It Works 1. The user enters their email address on the login page. 2. AccessIQ sends a secure, time-limited login link to that email. 3. The user clicks the link and is signed in immediately. 4. The link expires after use or after the configured time limit. ## Enabling Magic Links 1. Go to **Identity > Authentication Methods**. 2. Find **Magic Links** and toggle it on. 3. Configure the settings: | Setting | Description | Default | | --------------- | ------------------------------------------- | ---------------- | | Link expiration | How long the link remains valid | 15 minutes | | Allow reuse | Whether the link can be used more than once | No | | Email template | Customize the email subject and body | Default template | | Fallback method | Alternative sign-in if the link expires | Password | 4. Click **Save**. ## Customizing the Email 1. Under **Magic Links > Email Template**, click **Edit**. 2. Customize the subject line, body text, and button label. 3. Use variables to personalize the message: | Variable | Description | | -------------------- | -------------------- | | `{{user.firstName}}` | User's first name | | `{{user.email}}` | User's email address | | `{{link}}` | The magic link URL | | `{{expiry}}` | Link expiration time | 4. Send a **test email** to yourself to preview the result. 5. Click **Save**. ## User Experience When Magic Links are enabled alongside other authentication methods, users will see a "Sign in with email link" option on the login page. They can choose between a magic link, password, or any other enabled method. If Magic Links are the only enabled method, users will go directly to the email input screen. ## Security Considerations * Each link is single-use by default and tied to a specific user and session. * Links expire after the configured time window. * AccessIQ rate-limits magic link requests to prevent abuse. * If a user requests multiple links, only the most recent one is valid. ## Troubleshooting | Issue | Solution | | ------------------------------ | ------------------------------------------------------------ | | User did not receive the email | Check spam/junk folders; verify the email address is correct | | Link expired | The user should request a new link from the login page | | Link already used | Each link works once; request a new one | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://accessiq.gitbook.io/accessiq-docs/identity-and-single-sign-on/magic-links.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.