--- descriptions: authentication: email_verification_code: The one-time email verification code received by the user. reference: curl: - key: authenticate_email_verification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: /user_management/authenticate type: POST parameters: - key: client_id type: string description: (client_id) - key: client_secret type: string description: (client_secret) - key: grant_type type: '"urn:workos:oauth:grant-type:email-verification:code"' description: (authentication.grant_type) - key: code type: string description: (authentication.email_verification_code) - key: pending_authentication_token type: string description: (authentication.pending_authentication_token) - key: ip_address type: string optional: true description: (authentication.ip_address) - key: user_agent type: string optional: true description: (authentication.user_agent) returns: - key: anonymous type: object unwrap: true properties: - key: user type: user description: (user.self) - key: authentication_method type: >- "SSO" | "Password" | "AppleOAuth" | "GitHubOAuth" | "GoogleOAuth" | "MicrosoftOAuth" | "MagicAuth" | "Impersonation" optional: false description: (authentication.authentication_method) - key: organization_id type: string optional: true description: (authentication.organization_id) js: - key: authenticateWithEmailVerification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: userManagement.authenticateWithEmailVerification() parameters: - key: options type: object unwrap: true properties: - key: clientId type: string description: (client_id) - key: code type: string description: (authentication.email_verification_code) - key: pendingAuthenticationToken type: string description: (authentication.pending_authentication_token) - key: ipAddress type: string optional: true description: (authentication.ip_address) - key: userAgent type: string optional: true description: (authentication.user_agent) - key: session type: object optional: true unwrap: true properties: - key: sealSession type: boolean description: (authentication.seal_session) - key: cookiePassword type: string optional: true description: (authentication.cookie_password_seal) returns: - key: anonymous type: object unwrap: true properties: - key: user type: User description: (user.self) - key: organizationId type: string optional: true description: (authentication.organization_id) - key: authenticationMethod type: >- "SSO" | "Password" | "AppleOAuth" | "GitHubOAuth" | "GoogleOAuth" | "MicrosoftOAuth" | "MagicAuth" | "Impersonation" optional: false description: (authentication.authentication_method) - key: sealedSession type: string optional: true description: (authentication.sealed_session) python: - key: authenticate_with_email_verification id: authenticate_email_verification url: /reference/authkit/authentication/email_verification title: user_management.authenticate_with_email_verification() parameters: - key: code type: str description: (authentication.email_verification_code) - key: pending_authentication_token type: str description: (authentication.pending_authentication_token) - key: ip_address type: str optional: true description: (authentication.ip_address) - key: user_agent type: str optional: true description: (authentication.user_agent) returns: - key: anonymous type: AuthenticationResponse unwrap: true properties: - key: user type: User description: (user.self) - key: organization_id type: str optional: true description: (authentication.organization_id) - key: access_token type: str optional: false description: (authentication.access_token) - key: refresh_token type: str optional: false description: (authentication.refresh_token) go: - key: AuthenticateWithEmailVerification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: usermanagement.AuthenticateWithEmailVerification() parameters: - (ctx) - key: opts type: usermanagement.AuthenticateWithEmailVerificationOpts unwrap: true properties: - key: ClientID type: string description: (client_id) - key: Code type: string description: (authentication.email_verification_code) - key: PendingAuthenticationToken type: string description: (authentication.pending_authentication_token) - key: IPAddress type: string optional: true description: (authentication.ip_address) - key: UserAgent type: string optional: true description: (authentication.user_agent) returns: - key: response type: object unwrap: true properties: - key: User type: User description: (user.self) - key: OrganizationID type: string optional: true description: (authentication.organization_id) - (err) php: - key: authenticateWithEmailVerification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: $userManagement->authenticateWithEmailVerification() parameters: - key: options type: object unwrap: true properties: - key: clientId type: string description: (client_id) - key: code type: string description: (authentication.email_verification_code) - key: pendingAuthenticationToken type: string description: (authentication.pending_authentication_token) - key: ipAddress type: string optional: true description: (authentication.ip_address) - key: userAgent type: string optional: true description: (authentication.user_agent) returns: - key: anonymous type: object unwrap: true properties: - key: user type: User description: (user.self) - key: organizationId type: string optional: true description: (authentication.organization_id) ruby: - key: authenticate_with_email_verification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: UserManagement.authenticate_with_email_verification() parameters: - key: options type: object unwrap: true properties: - key: client_id type: String description: (client_id) - key: code type: String description: (authentication.email_verification_code) - key: pending_authentication_token type: String description: (authentication.pending_authentication_token) - key: ip_address type: String optional: true description: (authentication.ip_address) - key: user_agent type: String optional: true description: (authentication.user_agent) returns: - key: anonymous type: object unwrap: true properties: - key: user type: User description: (user.self) - key: organization_id type: String optional: true description: (authentication.organization_id) java: - key: authenticateWithEmailVerification id: authenticate_email_verification url: /reference/authkit/authentication/email-verification title: userManagement.authenticateWithEmailVerification() parameters: - key: clientId type: String description: (client_id) - key: code type: String description: (authentication.email_verification_code) - key: pendingAuthenticationToken type: String description: (authentication.pending_authentication_token) - key: options type: AuthenticationAdditionalOptionsBuilder optional: true unwrap: true properties: - key: invitationToken type: String optional: true description: (authentication.invitation_token) - key: ipAddress type: String optional: true description: (authentication.ip_address) - key: userAgent type: String optional: true description: (authentication.user_agent) returns: - key: response type: Authentication unwrap: true properties: - key: user type: User optional: true description: (user.self) - key: organizationId type: String optional: true description: (authentication.organization_id) - key: accessToken type: string optional: true description: (authentication.access_token) - key: refreshToken type: string optional: true description: (authentication.refresh_token) - key: impersonator type: AuthenticationImpersonator optional: true properties: - key: email type: String description: (authentication.impersonator.email) - key: reason type: String optional: true description: (authentication.impersonator.reason) originalPath: >- .tmp-workos-clone/packages/docs/content/reference/authkit/authentication/email-verification.mdx --- ## Authenticate with an email verification code Authenticates a user with an unverified email and verifies their email address. A user with an unverified email address won’t be able to authenticate right away. When they attempt to authenticate with their credentials, the API will return an [email verification required error](/reference/authkit/authentication-errors/email-verification-required-error) that contains a pending authentication token. If the [email setting](/authkit/custom-emails) for email verification is enabled, WorkOS will automatically send a one-time email verification code to the user’s email address. If the email setting is not enabled, [retrieve the email verification code](/reference/authkit/email-verification/get) to send the email yourself. Use the pending authentication token from the error and the one-time code the user received to authenticate them and to complete the email verification process.