appwrite/docs/references/account/create-token-email.md

Sends the user an email with a secret key for creating a session. If the email address has never been used, a new account is created using the provided userId. Otherwise, if the email address is already attached to an account, the user ID is ignored. Then, the user will receive an email with the one-time password. Use the returned user ID and secret and submit a request to the POST /v1/account/sessions/token endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.

A user is limited to 10 active sessions at a time by default. Learn more about session limits.