Magic Link Authentication for iconik Shares Recipients Guide Magic Link Authentication for iconik Shares Recipients Guide
  1. iconik
  2. Sharing
  3. Sharing

Magic Link Authentication for iconik Shares Recipients Guide

Sharing

See all 19 articles

Overview

Iconik already gives you multiple ways to protect shared content: watermarking, password protection, expiration dates, and access control lists. Magic Links add another layer of security by requiring email verification before anyone can access your shared content.

With Magic Links enabled, recipients must verify their identity via email before viewing shared resources. This ensures that only people with access to the intended email address can view your content, even if the share link is forwarded to someone else.

How it works:

  1. Share recipient receives a share link
  2. They click the link and enter their email address
  3. A unique, single-use verification link is sent to their inbox
  4. They click the verification link to access the content

Note: Recipients logged in to iconik and that receive a share link via email will get instant access to the shared content.

Magic Links are time-limited (typically valid for less than 16 minutes) and single-use, providing an additional security layer for sensitive projects like unreleased campaigns, confidential client work, or pre-release content.

Admin settings

As an Iconik administrator, you must enable Magic Links before your organization can use this authentication method.

To enable Magic Links:

  1. Click the Admin menu in the top navigation
  2. Select Share Management from the left menu.
  3. Click System Share Settings tab. 
  4. Scroll to General settings.
  5. Toggle Magic Links to On.
  6. Click Update.

Once enabled, Magic Links authentication will be available for all shares.

How recipients access shared content using Magic Links

The process involves receiving the initial share link, verifying your identity via email, and then clicking the Magic Link to gain access.

Step 1: Receiving the share link

  1. You'll receive a link or an email from the share creator with a link to the shared Iconik resource. The subject line will typically read: "Access content shared with you on Iconik".
  2. Click the link to navigate to the Iconik share page.

Step 2: Verifying your email

  1. If you're not currently logged into Iconik—or if you don't have an active share authentication session—you'll be prompted to enter your email address.
  2. Enter the email address where you received the share
  3. Submit the form
  4. You'll see a confirmation message on screen instructing you to check your email.

Step 3: Click the Magic Link to access content

  1. Open the second email (the one containing the Magic Link) and click the authentication link.
    • If successful: You'll be automatically authenticated and redirected to the shared content. A secure session will be established, granting you access.
    • If unsuccessful: You'll see an error message explaining why the link didn't work (see troubleshooting below).

Troubleshooting common issues

Magic Links have strict security measures. If you encounter an issue, refer to the table below:

Common Error Messages

Error MessageMeaningRecommended Action
"This link has expired. Please request a new one."The link has passed its time limit (typically less than 16 minutes) and is no longer valid.Return to the share page and re-enter your email address to request a new link.
"This link has already been used. Please request a new one if you still need access."Magic Links are single-use. Once clicked successfully, they cannot be reused.If your session has ended, or you are prompted to log in again, you must request a new link.
"This link is invalid. Please ensure you copied it correctly or request a new one."The link may have been corrupted or copied incorrectly.Return to the share page and request a new link via email.
"Too many attempts. Please try again later."You've exceeded the allowable number of link requests or validation attempts.Wait a few minutes before requesting a new link.

Session management

For security reasons, the authenticated session for external share recipients is typically valid for a short period (e.g., 24 hours).

  • For external recipients: Your authenticated session is typically valid for a limited period (e.g., 24 hours) for security reasons. After this time, you'll need to verify your email again to access the content.
  • For existing Iconik users: If you're already logged into Iconik when you click the Magic Link, the system will verify whether you have permission to view the share. If you don't have permission, you may be prompted to log out or open the link in an incognito/private browser window to proceed with the external Magic Link authentication flow.

Security best practices

  • Do not share the Magic Link with anyone else—it grants direct access to the shared content
  • Single-use only: Each Magic Link can only be clicked once successfully
  • Time-limited: Links expire in less than 16 minutes for security
  • If you didn't request a link or believe you received it in error, simply ignore it; the link will expire quickly