MagicToken

Magic token for passwordless authentication.

Magic tokens provide a secure way to authenticate users without requiring passwords. They can be associated with either contacts or customers and support configurable expiration and usage limits.

type MagicToken {
  id: String!
  contactId: Int
  customerId: Int
  expiresAt: DateTime
  lastAccessedAt: DateTime
  failedLogins: Int
  successfulLogins: Int
  oneTimeUse: Boolean!
  extra: [String!]
  contact: Contact
  customer: Customer
}

Fields

`MagicToken.id` ● `String!` non-null scalar

Unique identifier for the magic token.

This UUID serves as the primary key and can be used to reference the token in authentication requests.

`MagicToken.contactId` ● `Int` scalar

Contact identifier associated with this magic token.

When specified, the magic token will authenticate as this contact. Either contactId or customerId must be provided, but not both.

`MagicToken.customerId` ● `Int` scalar

Customer identifier associated with this magic token.

When specified, the magic token will authenticate as this customer. Either customerId or contactId must be provided, but not both.

`MagicToken.expiresAt` ● `DateTime` scalar

Token expiration timestamp.

After this date and time, the magic token becomes invalid and cannot be used for authentication. If null, the token never expires.

`MagicToken.lastAccessedAt` ● `DateTime` scalar

Timestamp of the last authentication attempt using this token.

Updated each time the token is used for login, regardless of success or failure. Used for security monitoring and audit purposes.

`MagicToken.failedLogins` ● `Int` scalar

Count of failed authentication attempts using this token.

Incremented each time an authentication attempt fails. Used for security monitoring and potential token blocking after too many failures.

`MagicToken.successfulLogins` ● `Int` scalar

Count of successful authentication attempts using this token.

Incremented each time the token is successfully used for authentication. For one-time use tokens, this should never exceed 1.

`MagicToken.oneTimeUse` ● `Boolean!` non-null scalar

Whether this token can only be used once.

When true, the token becomes invalid after the first successful authentication. When false, the token can be reused until it expires.

`MagicToken.extra` ● `[String!]` list scalar

Additional metadata or context information for the token.

Can store arbitrary string data related to the token's purpose, origin, or usage context. Useful for tracking and debugging.

`MagicToken.contact` ● `Contact` object

Contact associated with this magic token.

Returns the contact that this authentication token belongs to. Used for contact-based authentication and identity verification.

`MagicToken.customer` ● `Customer` object

Customer associated with this magic token.

Returns the customer that this authentication token belongs to. Used for customer-based authentication and identity verification.

Returned By

magicToken query ● magicTokenCreate mutation ● magicTokenUpdate mutation

Member Of

Contact object ● Customer object ● MagicTokenResponse object

Fields​

MagicToken.id ● String! non-null scalar​

MagicToken.contactId ● Int scalar​

MagicToken.customerId ● Int scalar​

MagicToken.expiresAt ● DateTime scalar​

MagicToken.lastAccessedAt ● DateTime scalar​

MagicToken.failedLogins ● Int scalar​

MagicToken.successfulLogins ● Int scalar​

MagicToken.oneTimeUse ● Boolean! non-null scalar​

MagicToken.extra ● [String!] list scalar​

MagicToken.contact ● Contact object​

MagicToken.customer ● Customer object​

Returned By​

Member Of​