{"id":29182822,"url":"https://github.com/magiclabs/onboarding-guide","last_synced_at":"2025-07-01T20:33:08.738Z","repository":{"id":225231512,"uuid":"763335574","full_name":"magiclabs/onboarding-guide","owner":"magiclabs","description":null,"archived":false,"fork":false,"pushed_at":"2024-03-27T22:01:27.000Z","size":1739,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-04-16T01:22:40.859Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/magiclabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-02-26T05:11:29.000Z","updated_at":"2024-02-29T21:05:35.000Z","dependencies_parsed_at":"2024-02-29T23:24:42.869Z","dependency_job_id":"13d421cb-ddfe-4ced-8bf3-4a8ee652b499","html_url":"https://github.com/magiclabs/onboarding-guide","commit_stats":null,"previous_names":["magiclabs/onboarding-guide"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/magiclabs/onboarding-guide","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magiclabs%2Fonboarding-guide","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magiclabs%2Fonboarding-guide/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magiclabs%2Fonboarding-guide/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magiclabs%2Fonboarding-guide/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/magiclabs","download_url":"https://codeload.github.com/magiclabs/onboarding-guide/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magiclabs%2Fonboarding-guide/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263033214,"owners_count":23403116,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-07-01T20:32:58.682Z","updated_at":"2025-07-01T20:33:08.608Z","avatar_url":"https://github.com/magiclabs.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Intro to Magic - Onboarding Guide\n## Sections\n- [Dashboard Walkthrough](#dashboard-walkthrough)\n- [Enterprise Features](#enterprise-features)\n- [Documentation Index](#documentation-index)\n## Dashboard Walkthrough\n- [Team Management](#team-management)\n- [User Management](#user-management)\n- [Authentication Settings](#authentication-settings)\n- [Branding](#branding)\n- [Widget UI](#widget-ui)\n- [Security Settings](#security-settings)\n---\n### [TEAM MANAGEMENT](https://magic.link/docs/home/teams#managing-your-team)\n#### ADD MEMBERS TO TEAM\n- Invite collaborating team members\n- Team members have access to all features **EXCEPT**\n  - App deletion\n  - View billing history\n  - Update payment information\n  \u003cimg width=\"1111\" alt=\"teammanagement\" src=\"https://github.com/magiclabs/onboarding-guide/assets/84942969/d5d84959-95e3-4cf3-95e4-7a48a98abfb0\"\u003e\n---\n### USER MANAGEMENT\n#### END USERS\n- View user sign up date/time\n- Search for users by email address, phone number or sub ID (if own IdP)\n- [Disable MFA (if enabled and user activates)](#multi-factor-auth)\n- [Download CSV with info of all users (Pro Package Feature)](https://magic.link/docs/authentication/features/data-export)\n![users](https://github.com/magiclabs/onboarding-guide/assets/84942969/101abef3-ff88-436a-95d4-ec8cdcf9620b)\n#### [EMAIL LOGS](https://magic.link/docs/authentication/features/email-logs)\n- Event logs only available for email users\n- Track unique users and conversion rates\n- Search by email or IP address\n- Use as a customer support tool\n![emaillogs](https://github.com/magiclabs/onboarding-guide/assets/84942969/292effdc-ec30-409b-a3b0-9e111f6822c9)\n---\n### AUTHENTICATION SETTINGS\n#### PASSWORDLESS LOGINS\n- Email enabled by default\n- SMS and WebAuthn must be enabled from dashboard before client SDK methods will work\n![passwordlesslogins](https://github.com/magiclabs/onboarding-guide/assets/84942969/d764ebde-cc99-489f-a553-8ce94ea07f90)\n#### [SOCIAL LOGINS](https://magic.link/docs/authentication/features/social-logins/oauth-implementation)\n- Social login requires configuration with each provider\n![sociallogins](https://github.com/magiclabs/onboarding-guide/assets/84942969/03033899-b4b6-432a-8fba-d3f28a53d784)\n#### [MULTI-FACTOR AUTH (Pro Package Feature)](https://magic.link/docs/authentication/features/mfa)\n- Enabling Mobile App MFA login gives user ability to set a 2nd factor on authentication through app on mobile device (i.e. Google Authenticator)\n- The setting is triggered when app calls on the `showSettings` method on the [Web SDK User Module](https://magic.link/docs/api/client-side-sdks/web#user-module)\n- End user's 2nd factor can be disabled by app owner in [USER section of dashboard](#user-management)\n![mfa](https://github.com/magiclabs/onboarding-guide/assets/84942969/82e545d9-0abc-4c8a-9960-b045deb46fa3)\n---\n### BRANDING\n#### MAGIC COMPONENTS\n- Add brand logo, select primary color and theme\n- Default email template (magic link and OTP)\n- Magic UI when calling auth methods\n- All Widget UI components\n- Device registration UI\n- User settings UI\n![branding](https://github.com/magiclabs/onboarding-guide/assets/84942969/218a160b-84b2-48d2-911d-0a335130c469)\n#### [CUSTOM EMAIL PROVIDER](https://magic.link/docs/authentication/customization/custom-smtp)\n- When configured properly, users will receive login emails from custom email domain when logging in via email magic link or OTP\n- Enabling this feature is a pre-requisite to [Custom Email Template](#custom-email-template)\n![customemailprovider](https://github.com/magiclabs/onboarding-guide/assets/84942969/4574b8c2-3807-41ef-85a6-3ed22cf33e44)\n---\n### WIDGET UI\nAvailable on 6 networks; Ethereum, Base, Polygon, Optimism, Arbitrum, and Flow\n#### WALLET VIEW\n- Default wallet view gives user token balance display and send/receive functionality\n- Enabling NFT UI gives user ability to view token images\n- Enabling NFT Transfer gives user ability to send token\n- Enabling Fiat On-Ramps gives US users ability to purchase select token from providers\n- Fiat On-Ramps for non-USA users require KYB with provider\n#### SIGNATURE REQUEST UI\n- Enabling Signature Request UI displays Magic UI on each signing operation\n- UI displays transaction information for send transaction operations\n- UI displays message information for personal sign operations\n- When enabled, default behavior is for the Signature Request UI to render in same browser tab\n- Signature Request UI can be displayed in pop-up tab under Magic's domain by enabling [Sign Confirmation security setting](#sign-confirmation)\n![widgetui](https://github.com/magiclabs/onboarding-guide/assets/84942969/cbcff899-5c95-4a6b-b97a-f1a6a694f6a4)\n---\n### SECURITY SETTINGS\n#### ALLOWED ORIGINS \u0026 REDIRECTS\n- [Domain allowlist](https://magic.link/docs/authentication/security/allowlists/domain-allowlist) restricts which domains can use your Magic app publishable API key\n- Domain allowlist is enabled by default and localhost cannot be removed\n- Programmatic configuration of domain allowlist by API is possible\n- [Allow redirect based auth flows for OAuth and/or email magic link with redirect](https://magic.link/docs/authentication/security/allowlists/redirect-allowlist)\n- [Allow mobile apps to use Magic app publishable API key based on bundle ID (iOS) and/or package name (Android)](https://magic.link/docs/authentication/security/allowlists/mobile-access-allow-listing)\n#### [CONTENT SECURITY POLICY](https://magic.link/docs/wallets/security/content-security-policy)\n- Control which URLs are allowed by the browser's CSP when needing to load images or communicate with certain RPC URLs\n#### [DEVICE REGISTRATION](https://magic.link/docs/authentication/security/device-registration)\n- This security feature is disabled by default\n- Enabling Device Registration will trigger additional security step (with Magic's UI/UX) during auth if browser/device is different from previous login\n- While enabled, this feature will never trigger on a user's initial sign up\n  ![allowlistcspndr](https://github.com/magiclabs/onboarding-guide/assets/84942969/0bb634cd-4312-4dfd-b553-1ab30db1d363)\n#### [SIGN CONFIRMATION](https://magic.link/docs/wallets/security/sign-confirmation)\n- Only relevant if [Signature Request UI is enabled in Widget UI section](#signature-request-ui)\n- Enabling Sign Confirmation will display transaction information or sign message in a pop-up\n#### [MAGIC LINK SECURITY CHECK](https://magic.link/docs/authentication/security/magic-link-security-check)\n- Only relevant if using [email magic link method and **NOT** passing in a redirect URI](https://magic.link/docs/api/client-side-sdks/web#loginwithmagiclink)\n- Enabling this while user logs in via email magic link method will present the user with a 3-digit OTP which needs to be submitted after clicking the emailed magic link\n![signconfmagiclinkseccheck](https://github.com/magiclabs/onboarding-guide/assets/84942969/24b496ee-6019-45ff-bc60-8bd973a66d13)\n#### [SESSION MANAGEMENT](https://magic.link/docs/authentication/security/session-management)\n- Default session length is 7 days and persists session via third-party cookies\n- Session length can be increased up to 90 days when Auto Refresh is enabled (Pro Package Feature)\n- Enabling Auto Refresh persists session in first-party context through DPoP mechanism (Pro Package Feature)\n#### [ACCESS CONTROL](https://magic.link/docs/authentication/security/access-control)\n- Enabling Allow List is very restrictive, it **ONLY** allows those in that list to login via email auth methods or OAuth logins that have that email returned in scope\n- Enabling Block List blocks users in that list from login via email auth methods or Oauth logins that have that email returned in scope\n- Wildcarding is available on both lists\n- Programmatic add and update to list by API is possible\n![sessionmanagementaccesscontrol](https://github.com/magiclabs/onboarding-guide/assets/84942969/0ee91996-d2b7-4915-8bc5-e7d33a177120)\n---\n## Enterprise Features\nThe following features require an enterprise agreement and special enablement\n- [Account Recovery](#account-recovery)\n- [Custom Multi-Factor Authentication](#custom-multi-factor-authentication)\n- [Generalized DKMS](#generalized-dkms)\n- [Custom Email Template](#custom-email-template)\n- [Account Linking](#account-linking)\n- [Gas Subsidy](#gas-subsidy)\n- [NFT Minting and Delivery](#nft-minting-and-delivery)\n- [NFT Checkout](#nft-checkout)\n### [ACCOUNT RECOVERY](https://magic.link/docs/authentication/enterprise-features/account-recovery)\n- Only available for users who have logged in via email methods (`loginWithMagicLink` and `loginWithEmailOTP`)\n- User can add phone number as recovery factor\n### [CUSTOM MULTI-FACTOR AUTHENTICATION](https://magic.link/docs/authentication/enterprise-features/advanced-mfa)\n- Integrate custom MFA provider to verify sessions\n- When enabled, all logins must have issued JWT be set in the custom authorization header via Magic SDK method\n### [GENERALIZED DKMS](https://magic.link/docs/wallets/enterprise-features/generalized-dkms)\n- Leverage Magic's DKMS and allow user to encrypt any data with their PK\n- Encrypted data is not stored by Magic\n### [CUSTOM EMAIL TEMPLATE](https://magic.link/docs/authentication/enterprise-features/custom-email-template)\n- [Custom Email Provider](#custom-email-provider) needs to be configured to use this feature\n- Create one or multiple custom email templates for a single Magic app\n![customemailtemplate](https://github.com/magiclabs/onboarding-guide/assets/84942969/5fc94f6b-0497-4810-b1bb-2163b4a10151)\n### [ACCOUNT LINKING](https://magic.link/docs/authentication/enterprise-features/account-linking)\n- Only available to Magic wallets and linking between users in the same Magic app\n- Account linking via REST API sets a primary and secondary wallet and requires a user to login to both accounts\n### [GAS SUBSIDY](https://magic.link/docs/wallets/enterprise-features/gas-subsidy)\n- Only available on Polygon, smart contract must inherit ERC-2771 context\n- Register smart contract and manage usage in Magic dashboard\n- User must initiate transaction via Magic SDK gasless transaction method\n![gassubsidy](https://github.com/magiclabs/onboarding-guide/assets/84942969/2247e817-95fb-405b-8760-1cb2c0c03fce)\n### [NFT MINTING AND DELIVERY](https://magic.link/docs/nfts/features/minting-and-delivery)\n- Only available on Polygon, smart contract must be ERC-721 or ERC-1155 and incorporate a minting function\n- Register smart contract with Customer Success\n- Call REST API endpoint to initiate mint and deliver (airdrop)\n### [NFT CHECKOUT](https://magic.link/docs/nfts/features/checkout)\n- Requires PayPal merchant account\n- Enables fiat-based NFT primary sales purchases via Magic SDK NFT module method\n---\n## Documentation Index\n### CLIENT-SIDE\n#### WEB SDK\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/web#getting-started)\n- Authentication Methods\n  - [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/web#auth-module)\n  - [OpenID Module - bring your own identity provider](https://magic.link/docs/api/client-side-sdks/web#open-id-module)\n  - [OAuth Module - social provider login methods](https://magic.link/docs/api/client-side-sdks/web#o-auth-module)\n  - [WebAuthn Module - biometric login methods](https://magic.link/docs/api/client-side-sdks/web#web-authn-module)\n- [Wallet Module - widget UI methods](https://magic.link/docs/api/client-side-sdks/web#wallet-module)\n- [NFT Module - NFT checkout and transfer methods](https://magic.link/docs/api/client-side-sdks/web#nft-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/web#user-module)\n- [Response and Error Handling](https://magic.link/docs/api/client-side-sdks/web#response-and-error-handling)\n#### REACT NATIVE SDK (BARE \u0026 EXPO)\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/react-native#getting-started)\n- [Relayer - facilitates events between the Magic iframe context and the RN app](https://magic.link/docs/api/client-side-sdks/react-native#relayer)\n- Authentication Methods\n  - [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/react-native#auth-module)\n  - [OpenID Module - bring your own identity provider](https://magic.link/docs/api/client-side-sdks/react-native#open-id-module)\n  - [OAuth Module - social provider login methods](https://magic.link/docs/api/client-side-sdks/react-native#o-auth-module)\n- [Wallet Module - widget UI methods](https://magic.link/docs/api/client-side-sdks/react-native#wallet-module)\n- [NFT Module - NFT checkout and transfer methods](https://magic.link/docs/api/client-side-sdks/react-native#nft-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/react-native#user-module)\n- [Response and Error Handling](https://magic.link/docs/api/client-side-sdks/react-native#response-and-error-handling)\n#### FLUTTER SDK\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/flutter#getting-started)\n- Authentication Methods\n  - [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/flutter#auth-module)\n  - [OpenID Module - bring your own identity provider](https://magic.link/docs/api/client-side-sdks/flutter#open-id-module)\n  - [OAuth Module - social provider login methods](https://magic.link/docs/api/client-side-sdks/flutter#o-auth-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/flutter#user-module)\n#### ANDROID SDK\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/android#getting-started)\n- Authentication Methods\n  - [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/android#auth-module)\n  - [OpenID Module - bring your own identity provider](https://magic.link/docs/api/client-side-sdks/android#open-id-module)\n- [Wallet Module - widget UI methods](https://magic.link/docs/api/client-side-sdks/android#wallet-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/android#user-module)\n#### iOS SDK\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/ios#getting-started)\n- Authentication Methods\n  - [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/ios#auth-module)\n  - [OpenID Module - bring your own identity provider](https://magic.link/docs/api/client-side-sdks/ios#open-id-module)\n- [Wallet Module - widget UI methods](https://magic.link/docs/api/client-side-sdks/ios#wallet-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/ios#user-module)\n- [Error Handling](https://magic.link/docs/api/client-side-sdks/ios#error-handling)\n#### UNITY SDK\n- [Getting started - import, construct and initialize magic](https://magic.link/docs/api/client-side-sdks/unity#getting-started)\n- [Auth Module - email and phone authentication methods](https://magic.link/docs/api/client-side-sdks/unity#auth-module)\n- [User Module - generate did token, get user metadata, check login status, display user settings and logout](https://magic.link/docs/api/client-side-sdks/unity#user-module)\n#### BRING YOUR OWN IDENTITY PROVIDER\n- [How to create and update your auth config](https://magic.link/docs/authentication/enterprise-features/idp)\n### BLOCKCHAINS\n- [Blockchain Integration](https://magic.link/docs/blockchains/overview)\n### SERVER-SIDE\n- [NodeJS SDK](https://magic.link/docs/api/server-side-sdks/node)\n- [Python SDK](https://magic.link/docs/api/server-side-sdks/python)\n- [Go SDK](https://magic.link/docs/api/server-side-sdks/go)\n- [Ruby SDK](https://magic.link/docs/api/server-side-sdks/ruby)\n- [PHP SDK](https://magic.link/docs/api/server-side-sdks/php)\n- [Laravel SDK](https://magic.link/docs/api/server-side-sdks/laravel)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagiclabs%2Fonboarding-guide","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmagiclabs%2Fonboarding-guide","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagiclabs%2Fonboarding-guide/lists"}