Resend Verification
Information about resending email verification for invited users.
Overview
EntryGuard does not have a dedicated "resend verification" endpoint. Email verification is handled automatically as part of the user invitation process.
How Email Verification Works
When an organization admin creates a new user via POST /api/v1/users:
- The user is created in a pending state
- An invitation email is automatically sent to the user's email address
- The email contains a secure invitation link with a one-time token
- The user clicks the link and sets their password via
POST /api/v1/auth/set-password - Setting the password automatically verifies the email address
Resending Invitations
If a user did not receive their invitation email or the token has expired, there are two options:
Option 1: Delete and Recreate the User (Recommended)
Organization admins can delete the pending user and create them again, which will send a new invitation email:
# Delete the user
curl -X DELETE https://api.entryguard.io/api/v1/users/{userId} \
-H "Authorization: Bearer {adminAccessToken}"
# Create the user again (sends new invitation email)
curl -X POST https://api.entryguard.io/api/v1/users \
-H "Authorization: Bearer {adminAccessToken}" \
-H "Content-Type: application/json" \
-d '{
"email": "[email protected]",
"name": "Jane Smith",
"isOrgAdmin": false
}'
Option 2: Contact Support
For Enterprise and Platform tier customers, contact EntryGuard support to manually resend an invitation email or extend the token expiration.
Token Expiration
- Invitation tokens typically expire after 7 days
- Tokens are single-use and invalidated after the user sets their password
- There is currently no automated way to resend an invitation without recreating the user
Email Delivery Issues
If a user is not receiving invitation emails, check the following:
- Spam/Junk Folder: Invitation emails may be filtered by email providers
- Email Address Typo: Verify the email address is correct in the user record
- Email Server Issues: Temporary delivery failures may occur
- Blocked Sender: Ensure
[email protected]is not blocked
To check the user's email address:
curl -X GET https://api.entryguard.io/api/v1/users/{userId} \
-H "Authorization: Bearer {adminAccessToken}"
Related Endpoints
- Create User - Creates a user and sends invitation email
- Delete User - Deletes a user (allows recreating to resend invitation)
- Verify Email - Sets password and verifies email using invitation token
Best Practices
For Organization Admins
- Double-check email addresses before creating users
- Inform users to check spam folders for invitation emails
- Set up email allowlisting for
[email protected]in your organization - If a user doesn't receive the email within 15 minutes, delete and recreate the user
For Users
- Check your spam/junk folder for emails from
[email protected] - Add
[email protected]to your email contacts/safe senders list - Contact your organization admin if you don't receive the invitation within 24 hours
- Invitation links expire after 7 days, so act promptly
Future Enhancements
A dedicated resend invitation endpoint is planned for a future release. This will allow admins to resend invitation emails without deleting and recreating users.
Example: Complete Invitation Flow
// JavaScript example - admin creates user and handles resend scenario
// Create a new user (sends invitation email)
async function createUser(email, name) {
const response = await fetch('https://api.entryguard.io/api/v1/users', {
method: 'POST',
headers: {
'Authorization': `Bearer ${adminAccessToken}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
email,
name,
isOrgAdmin: false
})
});
if (response.ok) {
const user = await response.json();
console.log(`Invitation sent to ${email}`);
return user;
} else {
console.error('Failed to create user');
return null;
}
}
// Resend invitation by deleting and recreating user
async function resendInvitation(userId, email, name) {
// Delete existing user
const deleteResponse = await fetch(`https://api.entryguard.io/api/v1/users/${userId}`, {
method: 'DELETE',
headers: {
'Authorization': `Bearer ${adminAccessToken}`
}
});
if (!deleteResponse.ok) {
console.error('Failed to delete user');
return null;
}
// Recreate user (sends new invitation)
return await createUser(email, name);
}