Ok, I think I’ve managed to find the problematic scenarios. Everything works fine if you use the standard iOS Email app and Safari browser (if it is your default browser). Everything also works fine if you use a GMail app and Chrome browser. However, if you try to use GMail and Safari then that combination doesn’t work if you just click on the link because the GMail app will try to open the link in a Safari browser window within the GMail app which runs in a different context (it will not have the auth0 cookies which were added when login was initiated) and therefore the login will fail. If you copy the link (without previewing it) and paste it in the Safari browser then the login works just fine. The problem is with copying - at least on my phone which has 3D touch. As soon as I click on the link, iOS will try to preview the page which in turn will use and disable the link (since it is OTP). So the workaround I used was to highlight the link as text and copy it like that and paste it in the browser and it worked. However, it is not a great experience for users. So I will be looking to update the email template for passwordless to change the link from a link to simple text so users can copy it like text without accidentally opening it.
This leads me to the next problem I had, which is updating the email template. It seems the template that is used is not the one under Authentication/Passwordless/Email - I’ve changed it and can see no effect. Does anyone know how to find and update the email template that is used to send the magic link? Thanks