OTP Verification Email
Type: otp-verification
One-time password (OTP) emails are sent automatically when users choose to sign in with email instead of social authentication. This email cannot be disabled as it’s required for users to sign in.
What It Does
Sends a secure 6-digit code that users enter to verify their identity and complete the login process.
The email preview below shows placeholder text. In actual emails, “YourJobBoard” will be replaced with your organization name, and the sender email will be your configured email address.
The email preview below shows placeholder text. In actual emails, “YourJobBoard” will be replaced with your organization name, and the sender email will be your configured email address.
Hello,
Your verification code for YourJobBoard is:
123456
This code will expire in 60 minutes.
If you did not request this code, you can safely ignore this email.
Who Receives It
- All users who sign in with email (both job seekers and employers)
- Sent every time a user requests email-based login
- Not sent for Google Sign-In or other OAuth methods
When It’s Sent
- Every time a user requests email login
- Immediately upon email submission
- Each new request invalidates previous codes
Available Variables
| Variable | Description |
|---|---|
{productName} | Your organization/job board name |
{otpCode} | 6-digit verification code |
{expiryMinutes} | Minutes until code expires (default: 60) |
Key Details
- Expiry: Default 60 minutes (configurable)
- Recipient Type: Individual user (
job_poster) - Cannot be disabled - required for authentication
- Template can be customized but email must be sent
Customization
You can customize:
- Email template design and layout
- From name and email address (with custom SMTP)
- Code expiration time (
{expiryMinutes}) - Warning and security messages
Note: The OTP code itself cannot be customized - it’s always a secure 6-digit number.
Security Best Practices
✅ Default 60-minute expiration - balances security and usability ✅ Include warnings - Tell users never to share their code ✅ Use custom domain - Improves trust and deliverability ✅ Automatic invalidation - New codes invalidate old ones
Troubleshooting
Code not arriving?
- Check spam/junk folders
- Verify email service is configured
- Ensure user entered correct email address
Code expired?
- Codes expire after 60 minutes by default
- User can request a new code
- Previous codes are automatically invalidated
Related: Welcome Email • Custom SMTP Setup