Passwordless Customer Login

Logging in Customers Via Email Link

Your application can send shoppers a one-time link via email that will sign them in to their storefront account.

Use cases for this include:

  • Reducing friction for customers, allowing them to proceed without needing to reset their passwords
  • An alternate method for signing in customers versus using the Customer Login API

Sending The Request

Send a POST request to {store-url}/login.php?action=passwordless_login

The request body should include:

  • email: The customer’s email address. This is where they will receive the one-time login link. Example:
"email": "",
"redirect_url": "/checkout"

Redirect URL

The POST request body can also include redirect_url. This should be a link to the URL where you want to redirect customers once they’re successfully logged in. If redirect_url is not provided, customers will be redirected as follows:

  • Failed sign-in: Sign in page
  • Successful sign-in: User account page


Upon receiving a successful POST request, BigCommerce will send a response that contains:

  • expiry: The time in seconds during which the login link is valid
  • sent_email: A value of sign_in indicates BigCommerce sent the login link to the customer via the email provided. A value of password_reset means BigCommerce emailed the customer a link with password reset instructions because they were previously flagged as needing to reset their password.


"expiry": 900,
"sent_email": "sign_in"

Other status codes:

429: Too many requests, request was rate limited

404: Provided email does not belong to a customer

Additional Resources