What is the current expiration behaviour for Magic Links?
From what I’ve read/understood, the link is open for 3 days and it’s not one time use which means that the link can be used again until expiry.
Could someone please confirm?
The link is one-time use only 
If it is not clicked within 3 days, it expires and the client will be prompted to retrieve a new link. But, if the link is clicked once, it will automatically expire and no longer work.
I hope this helps, please let me know if you have any further questions.
“Magic links expire after 3 days or after a single use, ensuring both convenience and security.”
For reference, our article is here if this is helpful
Thanks for letting me know! This sounds like good programmed behaviour.
But I did test a link one time, and was able to log in with it multiple times using the same link. Is that a bug right now? I haven’t tested it again so I don’t know if it’s replicable.
@Andrew_Lowe I will file a ticket with engineering and we will do some testing, this doesn’t seem like the intended behavior 
@Andrew_Lowe Is it possible you were testing the magic link within the same browser session? If so, it is likely that session cookies were stored in the browser, allowing the link to work twice in the same browser session. I am unclear if this is intended behavior.
However, in a new/separate browser session, the link does not work, please see the demo here showing same session vs. new session: Zight Recording 2025-04-10 ...
I will let you know once I have any updates from engineering as well, thanks!
Ahh yes, it was in the same browser session, maybe it’s intended that way for ease of use if the window was accidentally closed in the same browser session?
@Andrew_Lowe Yes! I have confirmed with engineering:
The reason why it looks as if it keeps working is because the logged in user already has a current session running, and the logic for the magic link reads that, and associated the user logged in to simply return them to the webapp