# Send pass links in Email Studio

Email Studio can distribute authenticated links that open the right The Wallet Crew page for each contact. This is the standard pattern for pass download, reminder, and reactivation emails.

Complete [Setup](/connect/marketing-automation/salesforce-marketing-cloud/setup.md) before building the content block.

<details>

<summary><strong>Real-world examples</strong></summary>

* A welcome email gives a new loyalty member direct access to the pass page.
* A reminder email targets contacts who still did not install the pass.
* A reactivation email opens the pass page without a separate sign-in step.

</details>

## How pass links work in Email Studio

The link is a JWT signed in Salesforce Marketing Cloud. The payload carries a customer identifier known by The Wallet Crew.

When the email is opened, The Wallet Crew verifies the token and resolves the right customer context.

## Build the AMPscript block

The example below signs a token with the contact email.

{% code title="AMPscript example" %}

```
%%[
    var @tenant, @keyId, @json, @jwt, @email, @host
    var @epochStart, @expirationDate, @secondsSinceEpoch, @secondsToEnd

    set @keyId = '0000-00000000-0000000000-0000'
    set @tenant = 'xxx'
    set @email = Email
    set @host = 'https://app.thewalletcrew.io'

    set @epochStart = DateParse('1970/01/01 00:00AM')
    set @expirationDate = DateAdd(Now(), '3', 'Y')
    set @secondsSinceEpoch = Multiply(DateDiff(@epochStart, Now(), 'MI'), 60)
    set @secondsToEnd = Multiply(DateDiff(@epochStart, @expirationDate, 'MI'), 60)

    set @json = '{
        "email":"@email",
        "nbf": @secondsSinceEpoch,
        "exp": @secondsToEnd,
        "iat": @secondsSinceEpoch,
        "iss": "neostore.cloud",
        "aud": "@tenant"
    }'

    set @json = Replace(@json, '@secondsSinceEpoch', @secondsSinceEpoch)
    set @json = Replace(@json, '@secondsToEnd', @secondsToEnd)
    set @json = Replace(@json, '@tenant', @tenant)
    set @json = Replace(@json, '@email', @email)

    set @jwt = GetJWTByKeyName(@keyId, 'HS256', @json)
    set @link = Concat(@host, '/', @tenant, '/pass?neo.authToken=', @jwt)
]%%
```

{% endcode %}

Use the Salesforce Marketing Cloud external key value created during [Setup](/connect/marketing-automation/salesforce-marketing-cloud/setup.md) as `@keyId`.

Use the The Wallet Crew tenant identifier as `@tenant`.

Use the tenant custom domain as `@host` when a custom domain is configured.

## Use another identifier when needed

Email is not the only supported identifier. Any external identifier already known by The Wallet Crew can be used.

For example, a Cegid Y2 customer identifier can replace the email claim.

{% code title="Payload claim example" %}

```json
"https://neostore.cloud/customer/identifiers:id.y2.customerId":"@customerId"
```

{% endcode %}

`@customerId` is the Salesforce Marketing Cloud field that stores the Y2 identifier.

## Insert the link into content

Once `@link` is generated, Content Builder can attach it to a text link, image, or button.

A minimal example looks like this.

{% code title="Email content snippet" %}

```html
%%[
  /* Insert the AMPscript block above */
]%%

<a href="%%=RedirectTo(@link)=%%">Open the pass page</a>
```

{% endcode %}

The same link can be reused in an email block, a reusable snippet, or an SMS message when the channel supports dynamic URLs.

## Preview and validate

Validation should happen in Content Builder before the block is used in production.

{% stepper %}
{% step %}

### Preview with a known contact

Use a test contact with a known identifier and render the content.
{% endstep %}

{% step %}

### Check the generated URL

Confirm the rendered URL contains a non-empty `neo.authToken` value.
{% endstep %}

{% step %}

### Open the link on a test device

Confirm the expected The Wallet Crew page opens for the correct customer.
{% endstep %}
{% endstepper %}

## Troubleshooting

### The link renders, but the token is empty

Check the source field used in AMPscript.

For email-based links, confirm the contact record exposes a usable `Email` value.

### The link is rejected by The Wallet Crew

Confirm the Salesforce Marketing Cloud symmetric key matches the The Wallet Crew secret configured during [Setup](/connect/marketing-automation/salesforce-marketing-cloud/setup.md).

### The wrong customer context opens

Check the identifier used in the JWT payload.

The safest pattern is a stable external identifier already stored in The Wallet Crew.

## FAQ

<details>

<summary><strong>Is email the only supported identifier?</strong></summary>

No. Any identifier already known by The Wallet Crew can be used.

Email is only the most common starting point.

</details>

<details>

<summary><strong>Should the link point to the platform domain or a custom domain?</strong></summary>

Use the tenant custom domain when one is configured.

Otherwise, use the default The Wallet Crew platform domain.

</details>

<details>

<summary><strong>Can the same link be reused in SMS?</strong></summary>

Yes, when the Salesforce Marketing Cloud channel supports dynamic URL rendering.

The same authenticated link pattern can be reused outside Email Studio.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.thewalletcrew.io/connect/marketing-automation/salesforce-marketing-cloud/send-pass-links-in-email-studio.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.