Hey folks,
A heads up that at some point (3+ weeks ago?), the send-magic-link endpoint got updated to require an integrity token.
The portal code got updated to send one, as did the built-in signup form code. (Problems can occur if your ghost hasn’t been updated.)
HOWEVER, if you have custom code that takes a user email and sends a magic link, you perhaps missed it. At least, I missed it, until something broke.
So… check your sign-in forms for functionality!
Here’s a (slightly drafty) post about what’s I know about members API changes, recent and upcoming, including the integrity token issue, changes to the impersonation token endpoint, and 2FA staff auth.