I would like to achieve the following functionality in my application: it should be able to send various emails to users, and these emails should contain a magic link to login to my application.
Using the customisable email template is not enough for the purpose I want to achieve.
If there is a way to obtain a magic link without sending it to the user, I can simply include it in an email and send it to the user.
I would generate my own custom magic link, and after verification I would generate and sign a JWT token, using the certificate that is used by the Auth0 application, and then move on with getting a session for my authenticated user.
I found out that I can’t get the RS256 private key, but if I changed the signing algorithm of my application to HS256, I could use my application’s client secret to sign the JWT. Is this correct?
Based on my research, I understand that there is no way to get a magic link without actually sending it to the user. Is this right?
If so, would something in the direction of my second solution work?
Thank you in advance for your help!