Account Recovery
Account Recovery
This feature requires a subscription to Startup or Growth Plan
#Overview
Magic allows users to recover their account if they can no longer access the email associated with their account. This is made possible via the Account Recovery feature, which is enabled via the user's phone through SMS. Upon recovering the account, the user is prompted to change their email address.
This feature requires two prerequisites:
The primary login factor is an email (this includes
loginWithMagicLinkandloginWithEmailOTPimplementations)The user can prove ownership of a phone number, which will be used as the recovery factor
#Compatibility
Only available with Dedicated Wallet.
Account recovery methods are available on the following client-side SDKs:
#Usage
#Enabling Account Recovery
To enable SMS recovery for your users:
01magic.user.showSettings();
This will display a settings modal where users will be able to add a recovery factor.
Additionally, Magic supports a deep linking flow where you can send users straight to adding a recovery factor. The flow can also be whitelabeled:
01magic.user.showSettings({ page: 'recovery' });
#Recover Account
Once a recovery factor is a set up, a user can recover their account. To enable this, the developer should call the following:
01magic.user.recoverAccount({ email: email })
It’s important to note that updating the recovery factor is a security sensitive operation so users will first be prompted to demonstrate account ownership by authenticating their email via a one-time-passcode before they are able to add a recovery phone number.