How to Update Email Templates with Secure Tokenized Login Links

Overview

As of October 1, 2020, Magentrix retired the login method that included username and password parameters in URLs. This security enhancement prevents credential exposure in email links and activation messages.

Action Required: Update all email templates to use the new {!LoginLink} merge field for secure, tokenized authentication.

Why This Matters: The old login format exposed user credentials in plain text within URLs. The new tokenized method provides an additional layer of security by generating unique, time-limited login tokens that protect your users and portal.

Who This Affects

• Organizations using custom email templates for:
  • New User Notifications
  • Forgot Password emails
  • Reset Password emails
• Organizations with multiple language configurations
• Developers with custom login pages or third-party integrations

Before You Begin

Ensure you have:

• Administrator permissions in Magentrix
• Access to edit email templates (Setup > Create > Email Templates)
• A list of all custom email templates currently in use
• Backup copies of existing templates (recommended)

Steps to Update Email Templates

1. Access Your Email Templates

1. Navigate to Setup > Create > Email Templates
2. Review each template to identify any containing login links

Tip: Search for templates with names like "New User," "Password Reset," "Forgot Password," or any custom templates used for user access.

2. Replace Login Links with the Tokenized Merge Field

For each affected template:

1. Click Edit next to the template name

2. Locate the old login link in the text editor
3. Delete the existing login link completely

4. Type {!LoginLink} where the link should appear
5. Highlight the {!LoginLink} text you just typed
6. Click the link icon in the editor toolbar

7. From the Protocol dropdown, select <other>
8. In the URL field, enter: {!LoginLink}

9. Click OK
10. Click Save

What You're Creating: This creates a clickable link that displays as "{!LoginLink}" in the editor but will render as a secure, tokenized URL when sent to users.

3. Configure System Email Template Preferences

After updating your templates, assign them to system notifications:

For Company-Wide Email Settings

1. Go to Setup > Manage > Company Preferences

2. Click Edit
3. Select the Security Settings tab
4. Under Email Communication Settings, locate these fields:
   • New User Notification Email Template
   • Forgot Password Email Template
   • Reset Password Email Template

5. Select your updated custom email templates from each dropdown
6. Click Save

For Community-Specific Email Settings

If you have multiple communities with custom email templates:

1. Navigate to Setup > Create > Communities

2. Select the community and click Edit
3. Select the Security Settings tab
4. Under the Email Templates section, select your updated templates:
   • New User Notification Email Template
   • Forgot Password Email Template
   • Reset Password Email Template

5. Click Save
6. Repeat for each community that uses custom templates

Multi-Language Portal Considerations

If your portal supports multiple languages:

1. Check enabled languages at Setup > Manage > Language Settings

2. Identify if you have created language-specific versions of user access email templates
3. Apply the same update process to all language variants
4. Contact Magentrix Support to confirm all custom language templates have been updated

Important: Each language version requires separate updating. Missing even one language variant can leave security gaps.

For Developers: API and Custom Login Pages

If your development team has created custom pages or third-party applications that use the login endpoint:

Action Required: Update any custom code that uses the old username/password parameter format in login URLs.

Documentation: See the Login via API Documentation for the new tokenized authentication method.

Common Integration Points to Check:

• Custom portal login pages
• Mobile applications
• Single sign-on (SSO) integrations
• Third-party applications accessing Magentrix
• Automated scripts or workflows

Testing and Verification

After completing all updates:

1. Trigger a test email:
   • Use the "Forgot Password" function
   • Or create a test user account
2. Check the email:
   • Verify the login link is present and clickable
   • Confirm no username or password appears in the URL
3. Test the link:
   • Click the link to ensure it directs to the login page
   • Verify successful authentication
4. Repeat for each community (if applicable)

Expected Result: Users should receive a clean, secure link that authenticates them without exposing any credentials.

Troubleshooting

Problem: The link displays as "{!LoginLink}" text instead of a clickable link

Solution: Ensure you followed Step 2 completely—you must both type the merge field AND create it as a hyperlink using the link icon with Protocol set to <other>.

Problem: Users report broken links after updating templates

Solution:

• Verify you entered {!LoginLink} exactly (case-sensitive, with curly braces and exclamation point)
• Check that the Protocol is set to <other>
• Confirm the template is assigned in Security Settings

Problem: Emails aren't being sent after template updates

Solution:

• Verify templates are set to "Available for Use" status
• Check that templates are properly assigned in Company Preferences or Community Settings
• Review any email delivery logs for errors

Related Resources

• Portal Security Features
• Login via API Documentation
• Managing Company Preferences
• Community Administration Guide

Need Additional Help?

Contact Magentrix Support for assistance with:

Last Updated: October 2025