Sub-User Magic Link Authentication
Overview
The Magic Link Authentication API enables platform partners to generate secure, passwordless authentication links for their sub-users. These magic links allow sub-users to access Logfire features through your platform without requiring separate password credentials.
Key Benefits
- Passwordless authentication
- Time-limited access links
- Secure sub-user verification
- Seamless integration with partner platforms
API Endpoint
POST https://api.logfire.ai/api/auth/user-magiclinkRequest Headers
Content-Type: application/jsonRequest Body
{
"externalId": "subuser_partner_id", // Your unique identifier for the sub-user on partner's platform
"profileId": "subuser_logfire_id" // Unique identifier for the sub-user on logfire
}Required Fields
| Field | Type | Description |
|---|---|---|
| externalId | string | Your unique identifier for the sub-user on partner’s platform |
| profileId | uuid | Unique identifier for the sub-user on logfire |
Success Response (202 Accepted)
{
"isSuccessful": true,
"magicLinkId": "unique_token_string",
"expiryTime": "2024-03-21T10:00:00Z"
}Response Fields
| Field | Type | Description |
|---|---|---|
| isSuccessful | boolean | Indicates if the request was successful |
| magicLinkId | string | Unique token for magic link authentication |
| expiryTime | string | ISO 8601 datetime when the magic link expires |
Error Responses
400 Bad Request
{
"isSuccessful": false,
"message": ["find sub-user : {error details}"]
}500 Internal Server Error
{
"message": "Internal Server Error"
}Usage Guidelines
Authentication Flow
- Partner generates magic link for sub-user
- Follow instruction for Iframe Integration and use the magic link id to authenticate the sub-user
Security Considerations
- Magic links expire after a set time period
- Links are single-use only
- Sub-user validation occurs before link generation
- Access is limited to sub-user’s specific resources
Best Practices
Link Generation
- Generate links only when needed
- Verify sub-user exists before requesting link
- Handle expired links appropriately
Error Handling
- Implement proper error handling for all responses
- Provide clear feedback to sub-users
- Log authentication attempts for security monitoring
Rate Limiting
- Implement reasonable request limits
- Handle rate limit errors gracefully
- Consider implementing backoff strategies
Common Issues and Solutions
Invalid Sub-User
- Issue: 400 Bad Request with “find sub-user” error
- Solution: Verify external ID exists and is correctly mapped
Service Unavailable
- Issue: 500 Internal Server Error
- Solution: Retry request after brief delay
Expired Links
- Issue: Link no longer valid
- Solution: Generate new magic link
Implementation Example
async function generateMagicLink(subUser) {
try {
const response = await fetch('https://api.logfire.ai/api/auth/user-magiclink', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
externalId: 'partner_user_id',
profileId: subUser.profileId
})
});
const data = await response.json();
if (!data.isSuccessful) {
throw new Error(data.message);
}
return data;
} catch (error) {
console.error('Magic link generation failed:', error);
throw error;
}
}