Magic Links
Send a link. They click. They're in. Goodbye password resets.
Try it yourself
What it does
Magic links are time-limited, scope-bound tokens that grant one-click access to a specific resource. Course lesson, webinar room, signed contract, paid podcast feed, coach program day — every gated surface accepts magic-link auth out of the box.
Tokens carry their scope. A magic link to a course lesson grants access to that lesson, not the whole course. A link to a contract grants view-only access for 14 days. The engine enforces scope server-side, so a leaked link can't escalate.
Workflows issue magic links automatically. Webinar registration confirmed → email goes out with a join link that works for the next 30 minutes. Course purchase → onboarding email with first-lesson link. No manual link generation in admin.
Every use is audit-logged: who clicked, when, from what IP. Revoke a token from admin if a contract gets shared accidentally; the link stops working immediately.
Key capabilities
Time-limited tokens
Default TTL per resource type. Webinar links expire post-event; contract views last 14 days.
Scope-bound
A token to one lesson can't access another. Scope is enforced server-side, not in the link.
Auto-issued from workflows
Workflow node 'Send magic link to {resource}' covers most flows. No manual generation needed.
Per-use audit log
Who clicked, when, from where. Visible in the contact's activity timeline.
Revoke from admin
One click to invalidate a token. Useful when a link gets forwarded outside its intended audience.