Passwordless

Overview

Passwordless login lets customers sign in with a one-time link sent to their email — no password required. It is a two-step flow:

  1. Request a link — the customer enters their email and Pelcro emails them a one-time login link.
  2. Exchange the token — your front end posts the token from that link to start an authenticated session and receive a JWT.

Passwordless login must be enabled on the site.


How It Works

  1. Request a link — the customer submits their email; Pelcro emails them a one-time login link.
  2. Exchange the token — your front end posts the token from that link to start an authenticated session and receive a JWT.

API Endpoints

| Method | Endpoint | Description |
| --- | --- | --- |
| POST | /api/v1/sdk/auth/passwordless/request | Request a passwordless link |
| POST | /api/v1/sdk/auth/passwordless/login | Passwordless login |

Important Behaviors

  • Passwordless login must be enabled on the site, otherwise these endpoints return 400.
  • The request endpoint is throttled (per email); exceeding the limit returns 429.
  • Unlike standard login, the request step does reveal whether an email exists (it returns 404 for an unknown email).
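
The two steps and the status codes listed above, as an added front-end example (not Pelcro's own SDK code): it shows the same message for a sent link and for the 404 unknown-email case, so the UI does not repeat the existence signal. The JSON body fields `email` and `token`, the `baseUrl` argument and the injectable `fetchImpl` are assumptions.

```javascript
// Added example, not Pelcro SDK code. Assumed: JSON bodies {email} / {token}
// and a caller-supplied baseUrl; endpoint paths and status codes are the page's.
const REQUEST_PATH = "/api/v1/sdk/auth/passwordless/request";
const LOGIN_PATH = "/api/v1/sdk/auth/passwordless/login";

// One message for "sent" and "unknown email", so the UI does not repeat the
// 404 signal. The API response itself still differs between the two cases.
const NEUTRAL = "If that email has an account, a login link is on its way.";

// Map the documented status codes of the request step to a UI outcome.
function classifyRequestStatus(status) {
  if (status >= 200 && status < 300) return { outcome: "sent", message: NEUTRAL };
  if (status === 404) return { outcome: "unknown_email", message: NEUTRAL };
  if (status === 429) return { outcome: "throttled", message: "Too many requests. Try again later." };
  if (status === 400) return { outcome: "bad_request", message: "Passwordless login is unavailable." };
  return { outcome: "error", message: "Something went wrong. Try again." };
}

function postJson(fetchImpl, url, body) {
  return fetchImpl(url, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify(body),
  });
}

// Step 1: ask Pelcro to email a one-time login link.
async function requestLink(baseUrl, email, fetchImpl = fetch) {
  const res = await postJson(fetchImpl, baseUrl + REQUEST_PATH, { email: String(email).trim() });
  return classifyRequestStatus(res.status);
}

// Step 2: post the token from the link; the response body carries the JWT.
async function exchangeToken(baseUrl, token, fetchImpl = fetch) {
  if (typeof token !== "string" || token.length === 0) return { ok: false, status: 0, body: null };
  const res = await postJson(fetchImpl, baseUrl + LOGIN_PATH, { token });
  if (!res.ok) return { ok: false, status: res.status, body: null };
  return { ok: true, status: res.status, body: await res.json() };
}
```

Log the `outcome` value for monitoring and show only `message` to the customer.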