## Link access verification

Corporate email servers often use crawlers to check incoming links for security reasons. This process can unintentionally trigger and invalidate authentication links before users click them.

To prevent this, Frontegg introduces an additional verification step, ensuring authentication links remain valid and secure across different authentication flows.

### How link access verification works

When a user clicks an authentication link, a verification step is added before completing the action. This extra step integrates seamlessly into existing authentication flows, maintaining security while ensuring a smooth user experience.

Once published, each authentication flow will automatically include this verification step.

### Supported authentication flows

Frontegg’s verification mechanism ensures the integrity of authentication flows such as magic link authentication, user activation, new account invitations, and account unlocking.

#### Magic link authentication

Users receive a magic link to verify their identity before accessing their account, while the extra verification step ensures that login attempts via email links remain valid.

![magic-link](/assets/magic-link.99e6baf5d19a7b8b268c0acba49409a67b96a368e09af537156c3e344b73e7cf.56bb33c9.png)

#### User activation

Users can activate their accounts without interference, while the extra verification step ensures that account activation links remain protected.

![activate-account](/assets/activate-account.3d2fdc94bbfe8a5b33443cf11e4ba2483b33c2f9af03c27e8728463e5a38e27e.56bb33c9.png)

#### New account invitation

Users invited to an account must confirm their identity before joining. The extra verification step prevents premature link invalidation when adding a user to another account.

![accept-invitation](/assets/accept-invitation.12491320d60eec01525edac6e8c352491e36bef72d9dd1ced16ae0d2d99b0d93.56bb33c9.png)

#### Unlock account

If an account is locked due to security rules, users must verify their identity to unlock access, while the extra verification step guarantees that recovery links work when needed. This email is triggered by security rules that have a `lock` option. For additional details, see [here](/ciam/guides/security-center/security-rules/overview#actions-for-each-defense).

![unlock-account](/assets/unlock-account.ff03405e1f6d936261ecb681d4fa72fb857788dc46c12a6a87b6652f42761ee0.56bb33c9.png)

### Enabling link access verification

1. Navigate to the bottom left corner of the Frontegg Builder.


![confirmation-step](/assets/confirmation-step.47ab264dfcd88cbc63902e6631fbb129527d0c325fc5c3f88285dbd7c5e7249b.56bb33c9.png)

1. Enable the **Confirmation Step** toggle. Once enabled:


* Hosted login updates automatically.
* Embedded login requires updating to the latest SDK versions listed below.


br
Prerequisites
@frontegg/react@7.6.3
@frontegg/angular@7.14.0
@frontegg/vue@4.6.1
@frontegg/nextjs@9.2.2
@frontegg/js@7.60.0

br
Styles & localizations
The additional screen will automatically match your application's styles and logo as configured in the builder. To customize text on each screen, refer to [this guide](/ciam/sdks/customizations/configuration-old).