Account Recovery

Account Recovery

This feature requires a subscription to Startup or Growth Plan

View pricing

#Overview

Magic allows users to recover their account if they can no longer access the email associated with their account. This is made possible via the Account Recovery feature, which is enabled via the user's phone through SMS. Upon recovering the account, the user is prompted to change their email address.

This feature requires two prerequisites:

  1. The primary login factor is an email (this includes loginWithMagicLink and loginWithEmailOTP implementations)

  2. The user can prove ownership of a phone number, which will be used as the recovery factor

#Compatibility

note

Only available with Dedicated Wallet.

Account recovery methods are available on the following client-side SDKs:

#Usage

#Enabling Account Recovery

To enable SMS recovery for your users:

Javascript
01⁠magic.user.showSettings();

This will display a settings modal where users will be able to add a recovery factor.

Additionally, Magic supports a deep linking flow where you can send users straight to adding a recovery factor:

Javascript
01magic.user.showSettings({ page: DeepLinkPage.Recovery});

#Recover Account

Once a recovery factor is a set up, a user can recover their account. To enable this, the developer should call the following:

Javascript
01magic.user.recoverAccount({ email: email })
note

It’s important to note that updating the recovery factor is a security sensitive operation so users will first be prompted to demonstrate account ownership by authenticating their email via a one-time-passcode before they are able to add a recovery phone number.