Glossary
Definitions of key terms used across all MagicDX plugins. Useful for onboarding, API reference, and communicating with non-technical stakeholders.
A
AES-256-GCM
Symmetric-key encryption algorithm used by Magic-Mail and Magic-Sessionmanager to encrypt sensitive data (email credentials, JWT tokens) before storing them in the database. GCM provides authenticated encryption, so tampering is detectable.
API Key
A static credential used by SendGrid, Mailgun, and other API-based email providers in Magic-Mail. Stored encrypted in the database.
B
Block Editor
A rich-text editor that represents content as an ordered list of typed blocks (paragraph, heading, image, code, embed) rather than a single HTML string. Magic-Editor-X uses Editor.js with 18+ built-in block types. Benefits: portable JSON output, easier frontend rendering, collaborative editing.
BYOK (Bring Your Own Key)
Optional security setup where you generate your own encryption key (instead of using Strapi's default) and provide it via environment variables. Recommended for production. See Magic-Mail configuration.
C
Canonical URL
A <link rel="canonical"> tag that tells search engines which URL is the primary version of a page. Prevents duplicate-content penalties. Every MagicDX doc page sets its own canonical URL.
Collaborator
A user who can simultaneously edit content in Magic-Editor-X. Free tier: 2 collaborators. Premium: 10. Advanced: unlimited.
Content Manager
The Strapi admin UI for CRUD on entries. Magic-Mark adds a toolbar button to the Content Manager for saving and restoring query bookmarks.
CRDT
Conflict-free Replicated Data Type. A data structure where concurrent edits from multiple clients merge deterministically without a central coordinator. Magic-Editor-X uses Y.js (a CRDT implementation) to power real-time collaboration.
D
Document Service API
Strapi v5's modern replacement for the v4 Entity Service API. All MagicDX plugins use the Document Service for database access. Introduces document IDs, draft/publish state, and locales as first-class concepts.
DKIM
DomainKeys Identified Mail. A cryptographic signature added to outgoing emails to prove they weren't forged. Magic-Mail applies DKIM automatically for OAuth providers (Gmail, Microsoft, Yahoo) and optionally for SMTP.
E
Editor.js
Open-source block-style editor by Codex Team, used as the foundation of Magic-Editor-X. Provides the block registry, toolbar, and save/load lifecycle. See editorjs.io.
Email OTP
One-Time Password sent via email (a 6-digit code) that the user enters after clicking a magic link. Adds a second factor to passwordless auth. Available in Magic-Link Premium tier and above.
F
Failover
Automatic switch to a backup email account when the primary account hits a rate limit or fails. Magic-Mail defines failover chains per routing rule so emails are never lost.
Force Logout
Admin action that invalidates a user's session server-side. In Magic-Sessionmanager, force logout also blocks refresh tokens, so the user can't silently re-authenticate.
G
GDPR List-Unsubscribe
A header (List-Unsubscribe and List-Unsubscribe-Post) included in marketing emails that gives recipients a one-click unsubscribe link directly from their inbox. Magic-Mail adds these automatically for marketing email type.
Geo-Fencing
Country-based allow- or block-list that controls which logins are accepted. Magic-Sessionmanager Advanced supports geo-fencing using ISO 3166-1 alpha-2 codes (e.g. DE, US, CN).
Glossary
This page.
I
IP Geolocation
Lookup of country, city, ISP, and coordinates from an IP address. Magic-Sessionmanager Premium attaches geolocation data to every session.
J
JWT
JSON Web Token. A signed token containing user claims, used by Strapi for session authentication. Magic-Sessionmanager can encrypt JWTs at rest for defense-in-depth. Magic-Link issues JWTs after successful magic-link verification.
L
License Activation
Process of entering your name/email (free tier) or license key (paid tier) to unlock plugin features. All MagicDX plugins require activation — free activation is completely free and takes 30 seconds. See License Activation.
llms.txt
Proposed standard for describing a website's content in an LLM-friendly plain-text format. See llmstxt.org. MagicDX provides /llms.txt (summary) and /llms-full.txt (full documentation export).
M
MFA (Multi-Factor Authentication)
Requiring two or more verification steps to log in (e.g. magic link + TOTP code). Available in Magic-Link Advanced tier.
Magic Link
A one-time, cryptographically-signed URL that logs a user in without a password. Sent via email by Magic-Link. Expires after a configurable time (default 15 minutes).
O
OAuth 2.0
Authorization framework that replaces password sharing. Magic-Mail uses OAuth 2.0 for Gmail (Google), Microsoft 365 (Azure AD), and Yahoo. No passwords are stored.
OTP
One-Time Password. See Email OTP and TOTP.
Q
Query Bookmark
A saved Strapi Content Manager query (filters + sort + pagination), identifiable by an emoji and name, that can be restored with one click. Created by Magic-Mark. Shareable with roles or individual users.
R
Rate Limiting
Maximum number of requests allowed per time window. Magic-Link applies rate limits to login attempts per IP; Magic-Mail applies per-account send rate limits.
Refresh Token
Long-lived token that, when paired with an expired JWT, issues a new JWT without re-authentication. Magic-Sessionmanager blocks refresh tokens for force-logged-out sessions to prevent re-entry.
Routing Rule
A named condition (e.g. type === "marketing") that maps outgoing emails to a specific Magic-Mail account, with optional fallback. Rules are evaluated top-down by priority.
S
Session
Server-side record of an authenticated user and device. Includes IP, user agent, created/updated timestamps, and (Premium+) geolocation. Tracked by Magic-Sessionmanager.
Smart Routing
Magic-Mail feature that picks the best email account for each outgoing message based on routing rules. Avoids single points of failure.
SMTP
Simple Mail Transfer Protocol. Classic username/password email sending. Supported by Magic-Mail as one of six provider types.
T
Threat Detection
Magic-Sessionmanager Advanced feature that scores each login 0-100 for risk, flags known-bad IPs, botnets, spam sources, and suggests blocking.
TOTP
Time-based One-Time Password. A 6-digit code that rotates every 30 seconds, generated locally by Google Authenticator, 1Password, Authy, etc. Supported by Magic-Link Advanced for MFA.
V
VPN Detection
Magic-Sessionmanager Advanced feature that identifies logins originating from VPN servers, proxies, or TOR exit nodes.
Y
Y.js
CRDT library powering real-time collaboration in Magic-Editor-X. Allows multiple users to edit the same document concurrently with automatic conflict resolution.
Missing a term? Email support and we'll add it.