API Reference

Verify a Magic Link

Verify a Magic Link end point

Call the /verify API with the below body parameters to ensure a magic link has been verified in-order to authenticate the end user.

Call

curl --request POST \
  --url https://api.ezid.io/email-link/verify \
  --header 'Content-Type: application/json' \
  --data {
   client_id: "your_client_id",
   client_secret: "your_client_secret",
   auth_code: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMzNlZmRiMTEtYTQ3ZS00MzU5LWI5NjYtM2VlZjdkODcwZWIzIiwiaWF0IjoxNjQ1NTA0NjQ1LCJleHAiOjE2NDU1MDgyNDV9.q8P3WOT2Kgeb7fazbVkP4YfWuNRnsIcpyP3z9_C3YjM"
}'

const fetch = (...args) => import('node-fetch').then(({default: fetch}) => fetch(...args));');

let url = 'https://api.ezid.io/email-link/verify';

let options = {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: {
   client_id:"your_client_id",
   client_secret:"your_client_secret",
   auth_code:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiMzNlZmRiMTEtYTQ3ZS00MzU5LWI5NjYtM2VlZjdkODcwZWIzIiwiaWF0IjoxNjQ1NTA0NjQ1LCJleHAiOjE2NDU1MDgyNDV9.q8P3WOT2Kgeb7fazbVkP4YfWuNRnsIcpyP3z9_C3YjM"
  }
};

fetch(url, options)
  .then(res => res.json())
  .then(json => console.log(json))
  .catch(err => console.error('error:' + err));
AttributesDefinition
client_id* Your companies unique ID, provided by EZiD
client_secret* You companies unique secret, provided by EZiD
auth_code* The code embedded in the /send APIs URL as code=

Responses:

{
   id_token: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzYWF0dmlrcnVkcmFwYXRuYUBnbWFpbC5jb20uZXppZC5pby83ZWM2MDJlNGQyZGIxMzQ3OTVhMzRjMDM4MDlmNzNlNiIsImlzcyI6Imh0dHBzOi8vZXppZC5pbyIsImVtYWlsIjoic2FhdHZpa3J1ZHJhcGF0bmFAZ21haWwuY29tIiwicHJveHlfZW1haWwiOiJzYWF3dmlrcnVkcmFwYXRuYUBnbWFpbC5jb20iLCJub25jZSI6IjRkY2YzMjgyLTliNzYtNGMzZi04OWM3LWJmY2JiMGQxYzg0YiIsImlhdCI6MTY0NTYwNzcyNSwiZXhwIjoxNjQ1NjQzNzI1fQ.e5sKc91l4rowqHSEgPDnrh5HGjggWvnYm1YKsxWzJFDG6DGAfmjdiUlZFbhXqKDaipvCd3jmhV63S5RSa7wFHhFpxn_k6baeRrEs_LZOdk7mc--hJWsQaX_CGpZ_CnaaQxh0M-CqWgnTnMdIHpwSKL59lvjpiNZ68PyvPiK4x37bRpKBQiiekqpqrhJ5wbjdGKkdIaOoS7dwHGNPsQcvWKN3GjcamxI9j-tpnff3Rj1It7ZtqITIvg9nIDNKtk--FSPPBbt_Jk0ksMZjstfjcsnbiW-cJW8E4HEhfbL2qUmgqPQMVYrmq-pTuXYq04nfru_o_cTeVGX-DN5aQcsqM6cQImJ5bBRqqGKTV0NhiFSIpFig7KUI9BMbi6vpDGFeYJNSIALTvrzHi4hB99LOv6shXY5lsHrDi2WJUESWzuBmODoUbBZDTo__4JtliLaY-uOu67lLG4iaX4kbD-tranDOE5QrWPiDe3NoKxam1l_5_2h3zRyPMLAIi-qScVA_s0_rAYYBih5QdgHnidOgHesv_DmP7SQt549TaYNxjOGAGq0K_yLkPpHRj3iTi8Zp_pSE1S-Qn7IAZ3WdcnoXz1QVprMlBAKhpaQ531Hh6HHltJrHy83axRXabTb-LhctXq5YQ8zbTBfw7e_DbYSaGc-_3LA-YELcr4cYucbHvC0",
   access_token: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzYWF0dmlrcnVkcmFwYXRuYUBnbWFpbC5jb20uZXppZC5pby83ZWM2MDJlNGQyZGIxMzQ3OTVhMzRjMDM4MDlmNzNlNiIsImlzcyI6Imh0dHBzOi8vZXppZC5pbyIsImF6cCI6IjdlYzYwMmU0ZDJkYjEzNDc5NWEzNGMwMzgwOWY3M2U2Iiwic2NvcGUiOiJvcGVuaW2gYWxsb3c6aW52aXRlIiwiY3VzdG9tX2NsYWltcyI6eyJyb2xlIjoicmVhZC1vbmx5LXVzZXIiLCJ0ZXN0IjoiZnJvbSBzZW5kIGVuZHBvaW50In0sImlhdCI6MTY0NTYwNzcyNSwiZXhwIjoxNjQ1NjQzNzI1fQ.Ucgo3lV6yGyB3odZPf8sgojGah9xsEO-EzNbNFoAAxVOwl-naS--ZN4mm9B8sZgAi-WIJOGC7LJFPhHI2ZwTp0oucIEljh_MT6GLWK8V7SJLgQP1XWgIZfpqqa0S0ppVKbh8VqN5DInsXgWUDI5GbVvEmmpFcPh58JsZAMjKcmo5CYF-epbWqlmxc8GnUFBAsIN2CHwWLEKm6AA_F9CTKWqHO94Qj5cno2FWEELT_3NYcP0vEV9VS-HIhjz-TA0D0MJ0Ujxy5ygzFmt08BJZbqk9zm2ujc-dB28IE_av1dubb-w03nYyvD-8eNaC8_veJrJ149dRpltlJeW0ZffHnGBr9fKlkDisToPfNZItP2vTk0wZTuDcjGU9LQETfZeqN9y8q9HKRSnO6mk0InwePAxpMFFefH0k1nL5ApisUSHFPwDfsf5RtQxT6irlLKvY0y0aCtS-KiGL8Pm1Uj4B1jwwhk9uTwzLVW_kynaQ8iYXY8jnDqjOSVIvVHWwM8_bqBx_xodpdJfaSUMeCZhwj0LeoCVE6Cl6XxRn_g2MKXbha9WXFFjOausleJlsUlM1dPty-Kblj1Uu4g-ktzoEhN3ZyeWIxifNGQqAudnsXYwUA-4byXmy7gc_HQqyXEmoH_9OjY7sy8LQ5QIKvDMf3Hzn0zdx779qiQWFdOv2dj8",
   refresh_token: "1814084e-18a2-4e9c-bee8-71a8720c8863",
   success: true
}

{
  success: false,
  reason: "Client is not registered"
}
AttributesDefinition
id_tokenThis is the ID token of the user. It is a JWT token that contains their email amongst other details. This should be stored by the front-end of your application, and validated when the user tries to access protected resources
access_tokenThis is the access token of the user. It is a JWT token that contains private information about the user and their access rights. This should be stored securely such that it is not exposed.
refresh_tokenThis is a refresh token that can be used when calling the/refreshendpoint to generate a new ID and access token.
successThe result of the request. Will be true for a successful request

You should extract the code= from the URL return in the email_link as it needs to be passed as auth_code in the next API call.

The refresh_token returned as a part of the response should be saved. This token will be required when making the /refresh API call to ensure users remain logged in and not be signed out of the platform.

📘

Verify JWT with EZID Public Key

Please note: both the id and access tokens are JWT tokens. You can verify these tokens by using the EZiD public key available on the left panel. If you are using NodeJS, a handy package to decode and verify JWT tokens is jsonwebtoken