/
Contact usSee pricingStart building
Node
​

    About Stytch

    Introduction
    Integration Approaches
      Full-stack overview
      Frontend (pre-built UI)
      Frontend (headless)
      Backend
    Migrations
      Migration overview
      Migrating users statically
      Migrating users dynamically
      Additional migration considerations
      Zero-downtime deployment
      Defining external IDs for users
      Exporting from Stytch
    Custom Domains
      Overview

    Authentication

    DFP Protected Auth
      Overview
      Setting up DFP Protected Auth
      Handling challenges
    Magic Links
    • Email Magic Links

      • Getting started with the API
        Getting started with the SDK
        Replacing your password reset flow
        Building an invite user flow
        Add magic links to an existing auth flow
        Adding PKCE to a Magic Link flow
        Magic Link redirect routing
    • Embeddable Magic Links

      • Getting started with the API
    MFA
      Overview
      Backend integration
      Frontend integration
    Mobile Biometrics
      Overview
    M2M Authentication
      Authenticate an M2M Client
      Rotate client secrets
      Import M2M Clients from Auth0
    OAuth
    • Identity providers

      • Overview
        Provider setup
      Getting started with the API (Google)
      Add Google One Tap via the SDK
      Email address behavior
      Adding PKCE to an OAuth flow
    Connected AppsBeta
      Setting up Connected Apps
      About Remote MCP Servers
    • Resources

      • Integrate with AI agents
        Integrate with MCP servers
        Integrate with CLI Apps
    Passcodes
      Getting started with the API
      Getting started with the SDK
    • Toll fraud

      • What is SMS toll fraud?
        How you can prevent toll fraud
      Unsupported countries
    Passkeys & WebAuthn
    • Passkeys

      • Passkeys overview
        Set up Passkeys with the frontend SDK
    • WebAuthn

      • Getting started with the API
        Getting started with the SDK
    Passwords
      Getting started with the API
      Getting started with the SDK
      Password strength policy
    • Email verification

      • Overview
        Email verification before password creation
        Email verification after password creation
    Sessions
      How to use sessions
      Backend integrations
      Frontend integrations
      Custom claims
      Custom claim templates
      Session tokens vs JWTs
      How to use Stytch JWTs
    TOTP
      Getting started with the API
      Getting started with the SDK
    Web3
      Getting started with the API
      Getting started with the SDK

    Authorization

    Implement RBAC with metadata

    3rd Party Integrations

    Planetscale
    Supabase
    Feathery
    Unit

    Testing

    E2E testing
    Sandbox values
Get support on SlackVisit our developer forum

Contact us

Consumer Authentication

/

Guides

/

Authentication

/

Magic Links

/

Email Magic Links

/

Getting started with the SDK

Setting up a new login solution with the Stytch SDK

Preferred frontend language

React
​



This is an integration guide for setting up the Stytch SDK in your app. First, you'll configure our frontend SDK in your client code to create a login experience in your app. Then, you'll add support to your server code for authenticating Stytch magic links. If you have any questions, check out the docs for the SDK or our example app that uses the code in this guide.

Stytch SDK auth flow

Step 1: Configure your project in the Stytch dashboard

Before adding Email magic links to your application you will need to make the following project configurations within the Stytch dashboard:

  1. Create a Login and Sign-up redirect URL on the redirect URL configuration page.

  2. Within SDK Configuration, authorize the domain(s) (eg. http://localhost:3000) the SDK will run on. Under Auth methods enable the Email magic links > Enable the LoginOrCreate Flow toggle.

  3. Finally, under API keys, save your project's public_token for later.

Step 2: Use Stytch

2.1 Install Stytch

Install the @stytch/vanilla-js, @stytch/react packages via npm or yarn. The packages provides frontend support for the Javascript SDK.

npm install @stytch/vanilla-js @stytch/react --save

2.2 Create StytchProvider

Wrap your app in the StytchProvider component

import React from 'react';
import { StytchProvider } from '@stytch/react';
import { StytchUIClient } from '@stytch/vanilla-js';

const stytch = new StytchUIClient('PUBLIC_TOKEN');


// Wrap your App in the StytchProvider
ReactDOM.render(
  <StytchProvider stytch={stytch}>
    <App />
  </StytchProvider>,
  document.getElementById('root'),
);

2.3 Create a Login component

Create a login component using Stytch's Login component.

import React from 'react';
import { StytchLogin } from '@stytch/react';

const Login = () => {   
  return <StytchLogin />;
}
                
export default Login;

2.4 Configure your Login Component

Create a config object to initalize the magic link product in the JavaScript SDK.

import React from 'react';
import { Products } from '@stytch/vanilla-js';
import { StytchLogin } from '@stytch/react';
const Login = () => {
                
  const config = {
    emailMagicLinksOptions: {
      loginExpirationMinutes: 30,
      loginRedirectURL: 'https://example.com/authenticate',
      signupExpirationMinutes: 30,
      signupRedirectURL: 'https://example.com/authenticate',
    },
    products: [
      Products.emailMagicLinks,
    ],
  };
                
  return <StytchLogin config={config} />;
}
                
export default Login;

2.5 Customize your Login Component

Customize the style of the SDK. The style object allows you to modify the look and feel to match your app.here.

import React from 'react';
import { StytchLogin } from '@stytch/react';
const Login = () => {

  const config = {
    emailMagicLinksOptions: {
      loginExpirationMinutes: 30,
      loginRedirectURL: 'https://example.com/authenticate',
      signupExpirationMinutes: 30,
      signupRedirectURL: 'https://example.com/authenticate',
    },
    products: ['emailMagicLinks'],
  };
  
  const styles = {
    fontFamily: '"Helvetica New", Helvetica, sans-serif',
  };

  return (
    <div className="loginContainer">
      <StytchLogin config={config} styles={styles} />
    </div>
  );
}

export default Login;

Step 3: Add server side support to your app for Stytch

Stytch works best with support from your app's server. You'll need to create or modify a few endpoints.

The Node examples use express to create http endpoints and express-session for sessions, but they can be replaced with any other http framework.

3.1 Install Stytch

Install the stytch package via npm or yarn. The stytch package provides backend support for the Stytch API.

npm install stytch --save

3.2 Create a user

POST/PUT user endpoint: When a user logs in to your app for the first time, the SDK will create a Stytch user for them and return a userId. We recommend adding a stytchUserId field to your user to save it.

app.post('/users', function (req, res) {
  var stytchUserId = req.body.userId;
  // TODO: Save stytchUserId with your user record in your app's storage
  res.send(`Created user with stytchUserId: ${stytchUserId}`);
});

3.3 Authenticate a user: GET route

GET authentication endpoint: When a user enters their email and clicks the login button, we will send them an email with a magic link to log in. You need to create a route for the magic link. There are a few ways to do this:

  • Implement a GET route on your frontend that accepts a token and passes it to a route on your backend that passes the token to Stytch to authenticate. This is recommended if your frontend lives separately from your backend.
  • Implement a GET route in your backend that accepts a token and passes it to Stytch to authenticate. This is recommended if your backend and frontend live in the same service.

3.4 Authenticate a user: POST route

POST to Stytch: If your url in the previous step was https://example.com, your user will be directed to https://example.com?token={token} when they click the magic link in the email. You'll pass this token to Stytch to authenticate it. If authentication is successful, create a user session and log them into your app. If you'd like to keep this user logged-in for a while, include "session_duration_minutes": 60 (an hour, for example). Check out the session management guide to learn how to handle the session.

const stytch = require('stytch');
const client = new stytch.Client({
  project_id: "PROJECT_ID",
  secret: "SECRET",
  env: stytch.envs.test
});
app.get('/authenticate', function (req, res) {
  var token = req.query.token;
  client.magicLinks.authenticate(token)
  .then(response => {
    req.session.authenticated = true;
      req.session.save(function(err) {
    console.log(err);
    });
    res.redirect('/home')
  })
  .catch(error => {
    console.log(error);
    res.send('There was an error authenticating the user.');
  });
});

Step 1: Configure your project in the Stytch dashboard

Step 2: Use Stytch

2.1 Install Stytch

2.2 Create StytchProvider

2.3 Create a Login component

2.4 Configure your Login Component

Step 3: Add server side support to your app for Stytch

3.1 Install Stytch

3.2 Create a user

3.3 Authenticate a user: GET route

3.4 Authenticate a user: POST route