OOTB - Magic Link Authentication - Subflow - PingOne Services - PingOne Cloud Platform - PingOne

Page created: 20 Jun 2023 |

Page updated: 28 Sep 2023

| 2 min read

PingOne DaVinci Product PingOne Cloud Platform PingOne PingOne Services Administrator Guide User task Configuration Content Type Guide Solution Guide

The OOTB - Magic Link Authentication - Subflow lets existing users authenticate using a link sent to the email address that's associated with their account.

Purpose

The OOTB - Magic Link Authentication - Subflow presents users with the option to send a magic link to the email address associated with their account. After the link is sent, the flow checks the status of the link. If the link is clicked, the flow authenticates the user. If the link expires, the flow presents an error message. The magic link expires after 2 minutes.

Structure

This flow is divided into sections using teleport nodes:

Display Magic Link Form: Uses a PingOne node to look up the user, then presents an HTML form from which the user can send a magic link. The flow then simultaneously progresses to the Create Challenge and Send Email and Challenge Acceptance By The User sections.
Create Challenge and Send Email: Uses a PingOne node to send a magic link email. The flow then progresses to the Display Magic Link Polling And Check For Challenge Status section.
Challenge Acceptance By The User: Checks the challenge status and displays a success message if the magic link is clicked and an error message if the magic link times out.
Display Magic Link Polling And Check For Challenge Status: Displays a custom HTML template directing users to click the magic link. When the challenge is approved, the flow progresses to the Show Success Message section.
Show Success Message: Displays one of two success forms depending on whether the user has any other MFA devices. The flow then progresses to the Return Success section.
Challenge Expiration: Denies the challenge if the magic link expires. The flow then progresses to the Return Error section.
Return Success: Sends a success JSON response, indicating that the flow has completed successfully.
Return Error: Sends an error JSON response, indicating that the flow completed unsuccessfully.

Input schema

This flow has the following inputs.

Input name Required Description

Input name	Required	Description
`email`	Yes	The email address to use for registration.
`canChangeDevice`	Yes	Indicates whether the user can change the device used for authentication.
`ciam_companyLogo`	No	The company logo. Used only when the main flow was launched using the widget.

email

Yes

The email address to use for registration.

canChangeDevice

Yes

Indicates whether the user can change the device used for authentication.

ciam_companyLogo

The company logo.

Used only when the main flow was launched using the widget.

Output schema

This flow has the following outputs.

Output name	Description
`ciam_pingOneUserId`	The user ID of the current user.
`ciam_subflowResult`	The result status of the flow.
`ciam_errorMessage`	The error message to display in the parent flow.

Variables

This flow uses the following variables.

Variable name	Description
`ciam_logoStyle`	The HTML style to use for your company logo.
`ciam_logoUrl`	The URL for your company logo.
`ciam_companyName`	Displays the name of your company.

OOTB - Magic Link Authentication - Subflow - PingOne Services - PingOne Cloud Platform - PingOne - PingOne DaVinci

PingOne for Customers Passwordless

Purpose

Structure

Input schema

Output schema

Variables