Your magic links always work — even in corporate inboxes.
Outlook, Defender, Safe Links, and other email scanners can't consume your one-time links. Users click once and land where you sent them.
Fewer expired links. Fewer support tickets. Higher signup completion.
- Fewer invalid or expired link errors
- Fewer support tickets about broken links
- Higher signup and reset completion
Built for indie SaaSSupabase-firstBring your own auth
How it helps
Stop expired links
Email scanners that open links no longer burn your one-time tokens. Only real user clicks count.
Reduce support
Fewer "this link doesn't work" tickets. Users get where they need to go the first time.
Protect conversion
Signup, password reset, and invite flows complete instead of failing in corporate inboxes.
Works with
SupabaseNextAuth / Auth.js (coming)Any auth provider
Frequently asked questions
- Does it add an extra click?
- No. For normal users it's one click: they open the link and are redirected. No extra step.
- Will it work in corporate email?
- Yes. Links are designed to work even when Outlook, Microsoft Defender, Safe Links, or similar tools scan them. Only a real user click completes the flow.
- Do I need to change my app code?
- For Supabase: paste a template snippet and set allowed hosts. For other providers: minimal changes — wrap your existing link in ours.
- What do you store?
- Minimal, privacy-safe data: no full URLs, no tracking. We store only what's needed to run the rail (e.g. host and path length, not the full destination).
- Can I start free?
- Yes. There's a free tier with a monthly allowance. You only pay for successful redemptions after that.