For the implementation of autologin functionality we have followed the ARC guidelines using the MagicLink function, but after the last release there are two critical points that make this function not completely adapted to our requirements:
- The token that is returned after user activation/autologin is not refreshable. This means that 60 minutes after activation, users will be de-logged and will have to log in again.
- With the token generated, the purchase of subscriptions is not allowed (we update the user's profile in the process and that profile PATCH operation gives an error with the token provided).
For our functionality we need an operation equal to the social network login, i mean, a user who logs in/registers by social network is automatically logged in with a refreshable token and is allowed to buy subscriptions without any problem.
Thanks
Guest
The one-time access link/magicLink is not meant to be used with a refreshable token or behave similar to other login functionality. It should only allow the user a limited login time as it is to used temporarily. This is not behavior that will be changed.