I’m attempting to initiate passwordless login from my backend in a regular webapp scenario. The java SDK includes this method to start the flow. passwordlessAuth.startPasswordlessEmailFlow(email, PasswordlessEmailType.LINK)
However the corresponding docs in the REST API discourage use from the backend.
My requirements dictate a magic link sent in an email. I have modified my login page template according to this post which conditionally skips the login prompt when using the app that is set up for passwordless.
This all works, when I get the email and click the magic link, I can see the browser redirecting me back to my callback endpoint. However the callback doesn’t get a code I can use to look up the user like it does in the username/password case. I can see a token in the url in the browser but this in the # portion which is not accessible to the backend (furthering the idea that this in only intended to work for frontend only apps)
Is it possible to process the passwordless magic link authentication flow on the backend?
1 Like