Hacker News
by timwis 1434 days ago
Great points! The deliverability (and delay) issue is the one I’ve found most challenging. For the others, here are some mitigations I’ve come across:

- instead of single-use tokens, set them to expire within 60 mins

- to prevent spam/malware checkers signing in when following the links, have the magic link take you to a page with a sign-in button to ‘complete’ the sign-in process. And, optionally, add some JS that clicks it for you on page load. This is the same approach used for unsubscribe links.
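
The two mitigations above as a server-side sketch, added here as an example and not part of the original comment: the token expires after 60 minutes instead of being single use, and a GET on the link only renders a confirmation page while the session is created on POST. The HMAC-signed token format, the in-memory session store and all function names are assumptions for illustration.

```python
import base64, hashlib, hmac, html, secrets, time

SECRET = secrets.token_bytes(32)   # signing key (assumption: one server process)
TTL_SECONDS = 60 * 60              # expire after 60 minutes rather than on first use
SESSIONS = {}                      # session id -> email, stand-in for a session store

def _sign(payload: bytes) -> str:
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()

def issue_token(email: str, now: float) -> str:
    """Return the token to embed in the emailed link."""
    payload = f"{email}|{int(now) + TTL_SECONDS}".encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)

def verify_token(token: str, now: float):
    """Return the email if the signature is valid and the token is unexpired, else None."""
    try:
        encoded, sig = token.rsplit(".", 1)
        payload = base64.urlsafe_b64decode(encoded.encode())
        if not hmac.compare_digest(sig.encode(), _sign(payload).encode()):
            return None
        email, expires = payload.decode().rsplit("|", 1)
        return email if now < int(expires) else None
    except ValueError:  # malformed base64, bad encoding, missing separator, bad expiry
        return None

def handle_magic_link(method: str, token: str, now: float):
    """GET only renders the confirmation page; the session is created on POST."""
    email = verify_token(token, now)
    if email is None:
        return 400, "Link invalid or expired", None
    if method == "GET":
        # A mail scanner following the link stops here: no session, token still usable.
        # Escape the token: the base64 decoder ignores stray characters in the input.
        page = ('<form method="post"><input type="hidden" name="token" '
                f'value="{html.escape(token, quote=True)}">'
                '<button id="go">Sign in</button></form>'
                '<script>document.getElementById("go").click()</script>')
        return 200, page, None
    if method == "POST":
        session_id = secrets.token_urlsafe(32)
        SESSIONS[session_id] = email
        return 303, "Signed in", session_id
    return 405, "Method not allowed", None

if __name__ == "__main__":
    t0 = time.time()
    tok = issue_token("user@example.com", t0)            # constructed sample address
    print(handle_magic_link("GET", tok, t0 + 5)[0])      # scanner prefetch
    print(handle_magic_link("POST", tok, t0 + 90)[0])    # user completes sign-in
    print(handle_magic_link("POST", tok, t0 + 3601)[0])  # after expiry
```
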