Ruby On Rails Quickstart

This quickstart guide outlines the essential steps to integrate Stytch’s B2B SaaS Authentication product within a Ruby on Rails application.


Stytch offers a Ruby SDK that can be integrated within Rails applications:





Source Code

Ruby SDK


For server-side code. Our Ruby SDK facilitates robust authentication and authorization mechanisms and can be integrated directly with Rails apps to handle backend logic.

SDK Reference


In addition to our Ruby SDK, we recommend you consider using one of Stytch's frontend SDKs (headless or with pre-built UI) to build your client-side auth UI.

Learn more about different integration methods and their benefits by visiting our integration guides.

Getting Started

To begin, we'll set up Email Magic Links utilizing our Discovery flow.

1Install Stytch SDK and configure your API Keys

Create a Stytch B2B Project in your Stytch Dashboard if you haven't already.

Add the Stytch gem to your application's Gemfile and run bundle install:

gem 'stytch'

Configure your Stytch Project's API keys as environment variables:

# Use your Project's 'test' or 'live' credentials

2Set up your Rails app

Initialize the Stytch client and define routes and controller actions to handle authentication:

# config/routes.rb
Rails.application.routes.draw do
  post 'login', to: 'authentication#login'
  get 'authenticate', to: 'authentication#authenticate'
# app/controllers/authentication_controller.rb
class AuthenticationController < ApplicationController

  def stytch_client
    @stytch_client ||=
      project_id: ENV['STYTCH_PROJECT_ID'],
      secret: ENV['STYTCH_SECRET']

  def login
    email = params[:email]
    response =
      email_address: email
    render json: response
  rescue => e
    render json: { error: e.message }, status: :internal_server_error

  def authenticate
    token = params[:token]
    response = stytch_client.magic_links.discovery.authenticate(discovery_magic_links_token: token)
    render plain: "Hello, #{response.email_address}! Complete the Discovery flow by creating an Organization with your intermediate session token: #{response.intermediate_session_token}."
  rescue => e
    render plain: e.message, status: :unauthorized

For Email Magic Links, you must specify a redirect URL in your Project's Dashboard to authenticate the token. By default, the redirect URL is set to http://localhost:3000/authenticate.

You can specify additional Redirect URLs in your Project's Dashboard, and override the default by passing in an explicit discovery_redirect_url argument.

You can read more about redirect URLs in this guide.

3Test your application

Run your Ruby on Rails application and send a POST request to the /login endpoint with an email address to test the Discovery auth flow. You will recieve an email in your inbox with an Email Magic Link, which redirects you to the /authenticate endpoint or the redirect URL you set in your [Dashboard].

4What's next

Check out our product-specific guides for how to handle full authentication flows for each product you'd like to support, like Email Magic Links and OAuth.