By default, magic sign-in links (also known as authorization links) that you send to your users expire after 2 weeks. As an administrator, you can change that configuration so that the links expire after being used twice.
From the management dashboard:
- Select Settings > Security
- Under "Account Security," select the checkbox for "Invalidate magic sign-in links after use" and press Save.
Magic Sign-In links generated after this box has been checked (but not before) will log the user in exactly twice, then will no longer allow the user to log in. This gives the user a chance to use it for their first login, plus one more time, before the link is deactivated.