Comment on page
One-Time Passcodes and Magic Links can be sent via email or phone. Passage highly recommends using One-Time Passcodes over Magic Links, they are easier to implement, more secure, and they provide a better user experience.
A login code, or one-time passcode(OTP), is a passcode that is sent to a user via email or SMS. While authenticating, a user will input the passcode to complete login or registration.
To create a new passcode for registration and send to users, call
Passage.newRegisterOneTimePasscode()with a user's email address or phone number. A successful call will return a OTP id. The id will be used when you activate the OTP.
const otpId = await passage.newRegisterOneTimePasscode(identifier);
To create a new passcode for login and send to users, call
Passage.newLoginOneTimePasscode()with a user's email address or phone number. A successful call will return a OTP id. The id will be used when you activate the OTP.
const otpId = await passage.newLoginOneTimePasscode(identifier);
When the user inputs their OTP into your app, you will send their OTP input string and OTP id through
const authResult = await passage.oneTimePasscodeActivate(otp, otpId!);
Magic Links are hyperlinks that are sent to a user via email or SMS. Clicking the link authenticates your users and redirects them to your app.
const magicLinkId = await passage.newRegisterMagicLink(identifier);
const magicLinkId = await passage.newLoginMagicLink(identifier);
When the user taps on the Magic Link url on their mobile device, you'll need to capture the url, parse out the Magic Link (it is in the
psg_magic_linkquery parameter), and then pass that Magic Link string to
const authResult = await passage.magicLinkActivate(magicLink);
If the user opens the Magic Link on a different device or you have not setup React Native Linking, it is up to your web front end to handle and activate the Magic Link. In this case, you’ll need to continually check the status of the link in your app. Once the Magic Link has been activated by the web front end,
Passage.getMagicLinkStatus()will return a
PassageAuthResultand your user will be authenticated.
const authResult = await passage.getMagicLinkStatus(magicLinkId);