- Invite collaborating team members
- Team members have access to all features EXCEPT
- App deletion
- View billing history
- Update payment information
- View user sign up date/time
- Search for users by email address, phone number or sub ID (if own IdP)
- Disable MFA (if enabled and user activates)
- Download CSV with info of all users (Pro Package Feature)
- Event logs only available for email users
- Track unique users and conversion rates
- Search by email or IP address
- Use as a customer support tool
- Email enabled by default
- SMS and WebAuthn must be enabled from dashboard before client SDK methods will work
- Enabling Mobile App MFA login gives user ability to set a 2nd factor on authentication through app on mobile device (i.e. Google Authenticator)
- The setting is triggered when app calls on the
showSettings
method on the Web SDK User Module - End user's 2nd factor can be disabled by app owner in USER section of dashboard
- Add brand logo, select primary color and theme
- Default email template (magic link and OTP)
- Magic UI when calling auth methods
- All Widget UI components
- Device registration UI
- User settings UI
- When configured properly, users will receive login emails from custom email domain when logging in via email magic link or OTP
- Enabling this feature is a pre-requisite to Custom Email Template
Available on 6 networks; Ethereum, Base, Polygon, Optimism, Arbitrum, and Flow
- Default wallet view gives user token balance display and send/receive functionality
- Enabling NFT UI gives user ability to view token images
- Enabling NFT Transfer gives user ability to send token
- Enabling Fiat On-Ramps gives US users ability to purchase select token from providers
- Fiat On-Ramps for non-USA users require KYB with provider
- Enabling Signature Request UI displays Magic UI on each signing operation
- UI displays transaction information for send transaction operations
- UI displays message information for personal sign operations
- When enabled, default behavior is for the Signature Request UI to render in same browser tab
- Signature Request UI can be displayed in pop-up tab under Magic's domain by enabling Sign Confirmation security setting
- Domain allowlist restricts which domains can use your Magic app publishable API key
- Domain allowlist is enabled by default and localhost cannot be removed
- Programmatic configuration of domain allowlist by API is possible
- Allow redirect based auth flows for OAuth and/or email magic link with redirect
- Allow mobile apps to use Magic app publishable API key based on bundle ID (iOS) and/or package name (Android)
- Control which URLs are allowed by the browser's CSP when needing to load images or communicate with certain RPC URLs
- This security feature is disabled by default
- Enabling Device Registration will trigger additional security step (with Magic's UI/UX) during auth if browser/device is different from previous login
- While enabled, this feature will never trigger on a user's initial sign up
- Only relevant if Signature Request UI is enabled in Widget UI section
- Enabling Sign Confirmation will display transaction information or sign message in a pop-up
- Only relevant if using email magic link method and NOT passing in a redirect URI
- Enabling this while user logs in via email magic link method will present the user with a 3-digit OTP which needs to be submitted after clicking the emailed magic link
- Default session length is 7 days and persists session via third-party cookies
- Session length can be increased up to 90 days when Auto Refresh is enabled (Pro Package Feature)
- Enabling Auto Refresh persists session in first-party context through DPoP mechanism (Pro Package Feature)
- Enabling Allow List is very restrictive, it ONLY allows those in that list to login via email auth methods or OAuth logins that have that email returned in scope
- Enabling Block List blocks users in that list from login via email auth methods or Oauth logins that have that email returned in scope
- Wildcarding is available on both lists
- Programmatic add and update to list by API is possible
The following features require an enterprise agreement and special enablement
- Account Recovery
- Custom Multi-Factor Authentication
- Generalized DKMS
- Custom Email Template
- Account Linking
- Gas Subsidy
- NFT Minting and Delivery
- NFT Checkout
- Only available for users who have logged in via email methods (
loginWithMagicLink
andloginWithEmailOTP
) - User can add phone number as recovery factor
- Integrate custom MFA provider to verify sessions
- When enabled, all logins must have issued JWT be set in the custom authorization header via Magic SDK method
- Leverage Magic's DKMS and allow user to encrypt any data with their PK
- Encrypted data is not stored by Magic
- Custom Email Provider needs to be configured to use this feature
- Create one or multiple custom email templates for a single Magic app
- Only available to Magic wallets and linking between users in the same Magic app
- Account linking via REST API sets a primary and secondary wallet and requires a user to login to both accounts
- Only available on Polygon, smart contract must inherit ERC-2771 context
- Register smart contract and manage usage in Magic dashboard
- User must initiate transaction via Magic SDK gasless transaction method
- Only available on Polygon, smart contract must be ERC-721 or ERC-1155 and incorporate a minting function
- Register smart contract with Customer Success
- Call REST API endpoint to initiate mint and deliver (airdrop)
- Requires PayPal merchant account
- Enables fiat-based NFT primary sales purchases via Magic SDK NFT module method
- Getting started - import, construct and initialize magic
- Authentication Methods
- Wallet Module - widget UI methods
- NFT Module - NFT checkout and transfer methods
- User Module - generate did token, get user metadata, check login status, display user settings and logout
- Response and Error Handling
- Getting started - import, construct and initialize magic
- Relayer - facilitates events between the Magic iframe context and the RN app
- Authentication Methods
- Wallet Module - widget UI methods
- NFT Module - NFT checkout and transfer methods
- User Module - generate did token, get user metadata, check login status, display user settings and logout
- Response and Error Handling
- Getting started - import, construct and initialize magic
- Authentication Methods
- User Module - generate did token, get user metadata, check login status, display user settings and logout
- Getting started - import, construct and initialize magic
- Authentication Methods
- Wallet Module - widget UI methods
- User Module - generate did token, get user metadata, check login status, display user settings and logout
- Getting started - import, construct and initialize magic
- Authentication Methods
- Wallet Module - widget UI methods
- User Module - generate did token, get user metadata, check login status, display user settings and logout
- Error Handling