Client Portal - Temporary Magic Links

What’s New?

Key Enhancements

• 15 min time limit for magic link expiration
• 90 days limit for database deletion
• Rate limit for user generated magic link is 5-6
• User can request magic link for themselves till 90days since they last logged in
• Secret token is encrypted so login information is secured
• It is backward compatible so old magic link will work as it is till user request new ones

Why it Matters:

• Reduction in security incidents related to the misuse of permanent magic links.
• Improves platform security by minimizing the window of time an unauthorized user can use a link to gain access.
• Reduces the likelihood of link theft and replay attacks.
• Increases user trust by demonstrating a commitment to protecting their data.
• Enhances compliance with modern security standards and best practices.