Customer authentication
Chord supports customer authentication and account management. Customers can log into their accounts, view their order history, and manage subscriptions and saved addresses. Chord has integrations with authentication platforms like stytch or Magic that handles the login process.
Your developers/agency can choose one of Chord’s authentication integrations and build a seamless login experience. Chord sites use a passwordless login flow, typically with “magic links.” The customer enters their email address in a login form and receives an email with a magic link.
When the customer clicks the magic link, they are instantly logged into the site without being prompted for a password. Passwordless authentication decreases the friction of logging in by removing the need for a password so your customer doesn’t struggle to retrieve a forgotten password.
Customers can access their accounts by clicking the Login or Account button on the website. They will then be redirected to a form with a single field prompting them to enter their email address.
Users do not need to remember their password; there is no separate registration process. Instead, new and returning users fill out the same login form.
A customer account is automatically created in the Chord OMS when a new customer successfully logs in.
You may want to add language to your site that explains the above.
After the customer enters their email address, the site displays a prompt that tells the customer to check their email. The authentication platform sends them an email that contains a magic link.
When customers check their email, they see an email with a magic link to click to finish logging in. When they click the link, they are redirected back to the site and instantly logged into their account. This link will expire after a period because it contains a unique token used to authenticate the customer.
When the customer clicks the link in the email, they are redirected back to the site in a new tab. The exact URL that the customer sees is customizable, and might be the account page, the page they were browsing when they started the login process, or some other page.
If the customer has their email open in the same browser as the original site, clicking the link in the email opens the site in a new tab, which means the customer now has the same site open in two tabs. They are now logged in in both tabs, and should have the same browsing experience in both.
If the customer has their email open in a different browser or device, clicking the link in the email would open the site in that browser or device. They are logged in in that browser or device. Depending on the authentication platform, they may also see the original browser tab automatically refresh and are logged in there, too.
If the customer has logged in for the first time, the customer account is created in the Chord OMS as soon as the login process is complete (the customer clicked the magic link in their email and the site loaded).
If the customer just logged in for the first time, the site could prompt the customer to fill out additional profile information. A registration flow that uses passwords often captures additional profile information as part of the registration form. For example, a site might require an email address, password, and first and last name in the same form. The passwordless flow decreases the friction of creating an account by only asking for the email address. The customer can be prompted to enter additional profile information after completing the login process.
The customer’s authentication session can be ended by clicking a logout button, or it will expire after a configurable period of time.