Magic Link (SSO)
Retrieve a secure, one-time URL that will automatically login an affiliate to their dashboard.
Last updated
Retrieve a secure, one-time URL that will automatically login an affiliate to their dashboard.
Last updated
Use this endpoint to generate a secure, one-time URL that you can display to affiliates or redirect them to in order to have them automatically logged into their Rewardful dashboard without requiring them to provide their email and password.
Links expire after one minute and cannot be used more than once. Generating a new magic link will invalidate all previous magic links for that affiliate, even if they haven't been used.
Because magic links expire after one minute you should not insert them into HTML documents. If you do, it's possible that the link will have expired by the time the affiliates clicks it.
Instead, you should fetch magic links from Rewardful on-demand and immediately redirect the affiliate to the magic link returned by the Rewardful REST API.
The diagram below illustrates this flow:
An authenticated user clicks a "View affiliate dashboard" link that leads to an app.example.com/rewardful URL in your application.
Your application requests a magic link for the affiliate from the Rewardful REST API.
The Rewardful REST API returns the magic link to your application.
Your application redirects the user to the Rewardful magic link.
The flow in Ruby pseudocode (using HTTParty to make network requests) might look something like this:
Response
Method
URL
GET
https://api.getrewardful.com/v1/affiliates/:id/sso
Response code
Body
200
Data about the SSO URL and brief affiliate summary.
Response code
Body
404
JSON object describing the error.
Response code
Body
401
Description of the authentication failure.
