Authentication

Magic links

The default sign-in method is a magic link sent to your email. Enter your email address, click the link in the email, and you're signed in. No password to create or forget.

Magic links expire after 10 minutes. If yours expires, request a new one from the sign-in page.

Google sign-in

You can sign in with your Google account. Click Continue with Google on the sign-in page and authorize the app. Your Google email becomes your Bookmark account email.

Sessions

Sessions last 30 days by default. You'll be signed in automatically when you return to the app. You can sign out from the Settings page at any time.

API access (mobile and extension)

The mobile app and browser extension authenticate using a JWT token derived from your session. This token is generated automatically when you sign in. You don't need to manage it manually.

Account security

We don't store passwords. Magic links are single-use and time-limited. If you're concerned about account access, you can sign out of all devices from the Settings page.