Getting started
/
Login box
/
Login box
/
Link access verification
Last updated

Corporate email servers often use crawlers to check incoming links for security reasons. This process can unintentionally trigger and invalidate authentication links before users click them.

To prevent this, Frontegg introduces an additional verification step, ensuring authentication links remain valid and secure across different authentication flows.

When a user clicks an authentication link, a verification step is added before completing the action. This extra step integrates seamlessly into existing authentication flows, maintaining security while ensuring a smooth user experience.

Once published, each authentication flow will automatically include this verification step.

Supported authentication flows

Frontegg’s verification mechanism ensures the integrity of authentication flows such as magic link authentication, user activation, new account invitations, and account unlocking.

Users receive a magic link to verify their identity before accessing their account, while the extra verification step ensures that login attempts via email links remain valid.

magic-link

User activation

Users can activate their accounts without interference, while the extra verification step ensures that account activation links remain protected.

activate-account

New account invitation

Users invited to an account must confirm their identity before joining. The extra verification step prevents premature link invalidation when adding a user to another account.

accept-invitation

Unlock account

If an account is locked due to security rules, users must verify their identity to unlock access, while the extra verification step guarantees that recovery links work when needed. This email is triggered by security rules that have a lock option. For additional details, see here.

unlock-account

  1. Navigate to the bottom left corner of the Frontegg Builder.

confirmation-step

  1. Enable the Confirmation Step toggle. Once enabled:
  • Hosted login updates automatically.
  • Embedded login requires updating to the latest SDK versions listed below.

Prerequisites

@frontegg/react@7.6.3
@frontegg/angular@7.14.0
@frontegg/vue@4.6.1
@frontegg/nextjs@9.2.2
@frontegg/js@7.60.0


Styles & localizations

The additional screen will automatically match your application's styles and logo as configured in the builder. To customize text on each screen, refer to this guide.