Creating a magic log-in link for a targeted survey


I am trying to create a magic link to a targeted survey.

An agent will create a magic link and message the link to the targeted survey takers.

Any advice is much appreciated. Thank you.

Just to clarify, by magic link, you’re referring to links that offer passwordless authentication and, in your case, automatically redirects a survey taker to the appropriate target survey, right?

If so, take a look at these two articles on how to implement passwordless authentication:

At a high level, I imagine the token embedded in the url will need to capture at minimum two identifiers:

  1. an invited survey taker identifier e.g. email, phone number, or database id/uuid
  2. a survey identifier for the redirect.

A potential gotcha is that the survey taker identifier will not be sufficient for situations where the a person is sent multiple targeted surveys through the same identifiers – hence the survey identifier in addition to the survey taker identifier.

Off the top of my head, some questions/requirements to consider:

  • Do you need to create actual user accounts for invited users? And if so, when? e.g. ahead of time, upon first login, upon survey submission?
  • Are magic links sent via email and/or text message? How do you handle messages that bounce back? Do you need to surface them to the survey creator?
  • Should the magic links expire? If so, based on what? e.g. time, after being accessed, after survey submitted?
  • Can survey takers re-visit surveys and edit their answer?
  • Will the survey creator want to see analytics on which survey takers have (not) opened the link, (not) started the survey, (not) completed the survey? If so, you’d want to implement some form of tracking.

The survey takers would not need to login

The survey agent who is logged in visits the survey taker and create a uuid, a redirect and the magic link to a survey, so the link is good for 15 mins and one time use.

The output will be the url, which is copied and pasted in message.

The survey takers can do the survey in the browser.

Thank you. I hope it is possible

or instead of uuid, could be a hidden input field for phone number, jf it is accessible>Could it?

Just use a JWT token with specific audience, you could even encode more necessary data inside. The signature is done by the private key you have on your server, so you can ensure that the token was emitted by you and is valid.

You can receive the token in any of your endpoints as a param:{your_jwt_token}


Phoenix has a built-in module Phoenix.Token for creating, signing, and verifying tokens that is worth checking out. It’s also used in both the links shared earlier, I’d give them a read even if you don’t need to login the survey taker.

By “survey agent”, are you referring to the person owning/creating the survey? And that this interaction happens in person?

And is the uuid the identifier representing the survey?

Most of the time we need a survey agent who can sign in using the mix phx.gen.auth. We need the survey agents because most of the time we need good survey samples.

From what I understand from above conversations, the survey agents will login and create a magic link, using token and a redirect by creating a token module.

Token should not be in db, active for 15 mins.

I think that’s what I need. Any comments is welcome.