[BUG] Login flow mismatch – magic link sent instead of promised code

Resolved 💬 2 comments Opened Apr 21, 2026 by EmilPhoto Closed Apr 24, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Expected behavior

An email with a numeric/alphanumeric code arrives that can be typed into the input field on the website.

Actual behavior

The email contains a magic link hidden inside an HTML button — not a code. There is no plain-text version of the email, so users with HTML rendering disabled or plain-text email clients see no actionable content. The code field on the website cannot be filled in.

Impact

Users relying on plain-text email clients or with images/HTML disabled are completely locked out of their accounts.

What Should Happen?

Suggested fixes

  1. Send an actual numeric code matching the UI prompt, or update the UI copy to say "click the link sent to your email" instead of asking for a code.
  2. Always include a plain-text version of the email with the magic link as a raw URL.
  3. Consider implementing passkey support as a more robust, phishing-resistant alternative to email-based login.

Environment

  • Affected: all platforms (issue is in the email / login UI, not browser-specific)

Error Messages/Logs

Steps to Reproduce

Steps to reproduce

  1. Go to claude.ai and initiate login with email.
  2. The UI prompts: "enter the code sent to your email".
  3. Check your inbox.

Claude Model

None

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

website claude.ai

Platform

Other

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

_No response_

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗