Skip to main content

Enable email verification

Enable email verification#

important

Email verification is turned off by default. It is strongly encouraged to enable it to ensure the authenticity of your users.

There are two modes of email verification:

  • REQUIRED: Requires that the user's email is verified before they can access your application's frontend or backend routes (that are protected with a session).
  • OPTIONAL: Adds information about email verification into the session, but leaves it up to you to enforce it on the backend and frontend based on your business logic.

Backend setup#

import SuperTokens from "supertokens-node";
import EmailVerification from "supertokens-node/recipe/emailverification";
import Session from "supertokens-node/recipe/session";

SuperTokens.init({
appInfo: {
apiDomain: "...",
appName: "...",
websiteDomain: "...",
},
recipeList: [
EmailVerification.init({
mode: "REQUIRED", // or "OPTIONAL"
}),
Session.init(),
],
});

Frontend setup#

Do you use react-router-dom?
YesNo
important

SuperTokens will trigger verification emails by redirecting the user to the email verification path when the mode is set to REQUIRED. If you have set the mode to OPTIONAL or are NOT using the SessionAuth wrapper, you will need to manually trigger the verification email. Our guide on protecting API and website routes will go over the changes that need to be made.

Additionally, note that SuperTokens does not send verification emails post user signup. The user needs to be redirected to the email verification path to trigger the sending of the verification email. This is done automatically when using the prebuilt UI and in REQUIRED mode.

Which UI do you use?
Custom UI
Pre built UI