Generate login magic link

POST 
/auth/magic-link

Generates a short-lived, one-time URL that authenticates a specific user into a specific organization, then redirects them to your chosen EasyDMARC URI.

Using the Magic Link

1. Your backend calls POST /auth/magic-link with userId, organizationId, redirectUri.
2. API returns a single-use url and expiringAt.
3. Redirect the user (HTTP 302) or render a button that navigates to url.
4. The user is authenticated and then redirected to redirectUri within EasyDMARC.

Notes

• Treat the returned url as a credential: never log or expose it broadly.
• The link expires at expiringAt; do not cache beyond that time.
• A new link should be generated per session/initiation.

Examples

cURL

curl -X POST "https://api2.easydmarc.com/auth/magic-link" \
  -H "Authorization: Bearer $EASYDMARC_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "userId": "c99cf9f3-f946-4707-9984-a19bf2d57841",
    "organizationId": "org_0987654321",
    "redirectUri": "https://account-console.easydmarc.com"
  }'

Security Best Practices

• Send the request server-to-server only; never expose your API token to the browser or client apps.
• Do not log full magic links; if needed, mask them.
• Prefer short validity windows for operational usage; launch the redirect immediately after generating the link.

Request

Responses

200

Successfully generated magic link

400

Bad Request - Invalid input or missing parameters

401

Unauthorized - Invalid or missing Bearer token