Intro to Magic - Onboarding Guide

Sections

• Dashboard Walkthrough
• Enterprise Features
• Documentation Index

Dashboard Walkthrough

• Team Management
• User Management
• Authentication Settings
• Branding
• Widget UI
• Security Settings

---

TEAM MANAGEMENT

ADD MEMBERS TO TEAM

• Invite collaborating team members
• Team members have access to all features EXCEPT
  • App deletion
  • View billing history
  • Update payment information
  

---

USER MANAGEMENT

END USERS

• View user sign up date/time
• Search for users by email address, phone number or sub ID (if own IdP)
• Disable MFA (if enabled and user activates)
• Download CSV with info of all users (Pro Package Feature)

EMAIL LOGS

• Event logs only available for email users
• Track unique users and conversion rates
• Search by email or IP address
• Use as a customer support tool

---

AUTHENTICATION SETTINGS

PASSWORDLESS LOGINS

• Email enabled by default
• SMS and WebAuthn must be enabled from dashboard before client SDK methods will work

SOCIAL LOGINS

• Social login requires configuration with each provider

MULTI-FACTOR AUTH (Pro Package Feature)

• Enabling Mobile App MFA login gives user ability to set a 2nd factor on authentication through app on mobile device (i.e. Google Authenticator)
• The setting is triggered when app calls on the showSettings method on the Web SDK User Module
• End user's 2nd factor can be disabled by app owner in USER section of dashboard

---

BRANDING

MAGIC COMPONENTS

• Add brand logo, select primary color and theme
• Default email template (magic link and OTP)
• Magic UI when calling auth methods
• All Widget UI components
• Device registration UI
• User settings UI

CUSTOM EMAIL PROVIDER

• When configured properly, users will receive login emails from custom email domain when logging in via email magic link or OTP
• Enabling this feature is a pre-requisite to Custom Email Template

---

WIDGET UI

Available on 6 networks; Ethereum, Base, Polygon, Optimism, Arbitrum, and Flow

WALLET VIEW

• Default wallet view gives user token balance display and send/receive functionality
• Enabling NFT UI gives user ability to view token images
• Enabling NFT Transfer gives user ability to send token
• Enabling Fiat On-Ramps gives US users ability to purchase select token from providers
• Fiat On-Ramps for non-USA users require KYB with provider

SIGNATURE REQUEST UI

• Enabling Signature Request UI displays Magic UI on each signing operation
• UI displays transaction information for send transaction operations
• UI displays message information for personal sign operations
• When enabled, default behavior is for the Signature Request UI to render in same browser tab
• Signature Request UI can be displayed in pop-up tab under Magic's domain by enabling Sign Confirmation security setting

---

SECURITY SETTINGS

ALLOWED ORIGINS & REDIRECTS

• Domain allowlist restricts which domains can use your Magic app publishable API key
• Domain allowlist is enabled by default and localhost cannot be removed
• Programmatic configuration of domain allowlist by API is possible
• Allow redirect based auth flows for OAuth and/or email magic link with redirect
• Allow mobile apps to use Magic app publishable API key based on bundle ID (iOS) and/or package name (Android)

CONTENT SECURITY POLICY

• Control which URLs are allowed by the browser's CSP when needing to load images or communicate with certain RPC URLs

DEVICE REGISTRATION

• This security feature is disabled by default
• Enabling Device Registration will trigger additional security step (with Magic's UI/UX) during auth if browser/device is different from previous login
• While enabled, this feature will never trigger on a user's initial sign up

SIGN CONFIRMATION

• Only relevant if Signature Request UI is enabled in Widget UI section
• Enabling Sign Confirmation will display transaction information or sign message in a pop-up

MAGIC LINK SECURITY CHECK

• Only relevant if using email magic link method and NOT passing in a redirect URI
• Enabling this while user logs in via email magic link method will present the user with a 3-digit OTP which needs to be submitted after clicking the emailed magic link

SESSION MANAGEMENT

• Default session length is 7 days and persists session via third-party cookies
• Session length can be increased up to 90 days when Auto Refresh is enabled (Pro Package Feature)
• Enabling Auto Refresh persists session in first-party context through DPoP mechanism (Pro Package Feature)

ACCESS CONTROL

• Enabling Allow List is very restrictive, it ONLY allows those in that list to login via email auth methods or OAuth logins that have that email returned in scope
• Enabling Block List blocks users in that list from login via email auth methods or Oauth logins that have that email returned in scope
• Wildcarding is available on both lists
• Programmatic add and update to list by API is possible

---

Enterprise Features

The following features require an enterprise agreement and special enablement

• Account Recovery
• Custom Multi-Factor Authentication
• Generalized DKMS
• Custom Email Template
• Account Linking
• Gas Subsidy
• NFT Minting and Delivery
• NFT Checkout

ACCOUNT RECOVERY

• Only available for users who have logged in via email methods (loginWithMagicLink and loginWithEmailOTP)
• User can add phone number as recovery factor

CUSTOM MULTI-FACTOR AUTHENTICATION

• Integrate custom MFA provider to verify sessions
• When enabled, all logins must have issued JWT be set in the custom authorization header via Magic SDK method

GENERALIZED DKMS

• Leverage Magic's DKMS and allow user to encrypt any data with their PK
• Encrypted data is not stored by Magic

CUSTOM EMAIL TEMPLATE

• Custom Email Provider needs to be configured to use this feature
• Create one or multiple custom email templates for a single Magic app

ACCOUNT LINKING

• Only available to Magic wallets and linking between users in the same Magic app
• Account linking via REST API sets a primary and secondary wallet and requires a user to login to both accounts

GAS SUBSIDY

• Only available on Polygon, smart contract must inherit ERC-2771 context
• Register smart contract and manage usage in Magic dashboard
• User must initiate transaction via Magic SDK gasless transaction method

NFT MINTING AND DELIVERY

• Only available on Polygon, smart contract must be ERC-721 or ERC-1155 and incorporate a minting function
• Register smart contract with Customer Success
• Call REST API endpoint to initiate mint and deliver (airdrop)

NFT CHECKOUT

• Requires PayPal merchant account
• Enables fiat-based NFT primary sales purchases via Magic SDK NFT module method

---

Documentation Index

CLIENT-SIDE

WEB SDK

• Getting started - import, construct and initialize magic
• Authentication Methods
  • Auth Module - email and phone authentication methods
  • OpenID Module - bring your own identity provider
  • OAuth Module - social provider login methods
  • WebAuthn Module - biometric login methods
• Wallet Module - widget UI methods
• NFT Module - NFT checkout and transfer methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout
• Response and Error Handling

REACT NATIVE SDK (BARE & EXPO)

• Getting started - import, construct and initialize magic
• Relayer - facilitates events between the Magic iframe context and the RN app
• Authentication Methods
  • Auth Module - email and phone authentication methods
  • OpenID Module - bring your own identity provider
  • OAuth Module - social provider login methods
• Wallet Module - widget UI methods
• NFT Module - NFT checkout and transfer methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout
• Response and Error Handling

FLUTTER SDK

• Getting started - import, construct and initialize magic
• Authentication Methods
  • Auth Module - email and phone authentication methods
  • OpenID Module - bring your own identity provider
  • OAuth Module - social provider login methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout

ANDROID SDK

• Getting started - import, construct and initialize magic
• Authentication Methods
  • Auth Module - email and phone authentication methods
  • OpenID Module - bring your own identity provider
• Wallet Module - widget UI methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout

iOS SDK

• Getting started - import, construct and initialize magic
• Authentication Methods
  • Auth Module - email and phone authentication methods
  • OpenID Module - bring your own identity provider
• Wallet Module - widget UI methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout
• Error Handling

UNITY SDK

• Getting started - import, construct and initialize magic
• Auth Module - email and phone authentication methods
• User Module - generate did token, get user metadata, check login status, display user settings and logout

BRING YOUR OWN IDENTITY PROVIDER

• How to create and update your auth config

BLOCKCHAINS

• Blockchain Integration

SERVER-SIDE

• NodeJS SDK
• Python SDK
• Go SDK
• Ruby SDK
• PHP SDK
• Laravel SDK