# Email verification ### Scope This document describes how **email verification** is used to secure user accounts by confirming email ownership during critical account actions. Multi-Factor Authentication (MFA) flows are documented separately and are **out of scope** for this document. *** ### I am new. Where should I start? #### Purpose Email verification ensures that: * The registered email address belongs to the user * The account can receive important security notifications * Account recovery actions can be performed safely *** #### Prerequisites Email verification applies when: * You sign up using **email and password** * You change or update your email address * You perform account recovery actions You must have access to the registered email inbox. *** ### I already understand. How do I proceed step by step? *** ### 1. When email verification is required Email verification is required in the following situations: * **After signing up with email and Password** (one-time) * **When changing the registered email address** * **During password recovery** * **For important account security confirmations** > Once an email address is verified, it does not need to be verified again unless it is changed. *** ### 2. Email verification flow #### Step 1: Verification email is sent * A verification email containing a one-time code is sent to the registered email address * The code is valid for a limited time … *** #### Step 2: Check your email inbox * Open the verification email * Locate the verification code … *** #### Step 3: Enter the verification code * Return to the application * Enter the verification code into the verification screen … *** #### Step 4: Verification completed * The system validates the code * Verification completes automatically once the code is correct … *** ### 3. Security benefits Email verification helps: * Prevent account creation using invalid or mistyped emails * Ensure secure password recovery * Reduce abuse and fraudulent registrations * Maintain reliable communication with users *** ### 4. Failure and recovery #### Didn’t receive the verification email? * Check spam or junk folders * Confirm the email address is correct * Request a new verification email * Refer to: **What should I do if I don't receive a verification code when signing up or forgot password?** *** ### Additional notes * Verification codes are **one-time use** * Codes automatically expire for security reasons * Email verification is **mandatory** for email-based accounts * MFA-related email codes are handled in a **separate guide** *** ### Summary * Email verification confirms email ownership * Required for email-based sign-up and recovery * Improves account security and reliability * Separate from MFA authentication flows --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://oten.gitbook.io/identity-support/user-guide/account-management/account-security/email-verification.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.