Activate Account (User Link)
GET/company/auth/activate/:token
Endpoint to activate a company account using the activation token sent via email, verifying the email and enabling access.
Activate a newly registered company account using the activation token sent via email, verifying the email and enabling access.
Use Cases
- User clicks the activation link in the registration email
- User directly accesses the URL with the activation token
- System activates the account after verifying the token
Process Flow
- User receives a welcome email with an activation link
- User clicks the link pointing to this GET endpoint
- Server searches for the user by the recovery token in the database
- If the user exists and the token is valid, the account is marked as active
- Status is set to: true, emailVerified: true, and emailVerifiedDate is recorded
- The activation token is removed (marked as used)
- An activation confirmation email is sent to the user
- A success HTML template is rendered
- If the token is invalid, an error template is rendered
Security
- Token is single-use
- Only inactive accounts can be activated
- Email is verified at the moment of activation
- Token has limited validity
- No authentication required (user cannot yet access the system)
Request
Responses
- 200
- 404
Account successfully activated
Token not found or invalid