Sign in
Guides / Integration guides

Recipient Email Verification

Giftronaut protects every gift card redemption with email-based identity verification. Before a recipient can access their gift, they must prove ownership of the email address the card was sent to — no passwords or accounts required.

How it works

The verification flow is entirely managed by Giftronaut. When a recipient attempts to redeem a gift card, they are asked to confirm their identity via a one-click link sent to their inbox.

#WhoWhat happens
1 You (API) Place an order via the API — no special configuration required
2 Giftronaut Delivers the gift card email to the recipient with a Redeem button
3 Recipient Clicks Redeem — the gift card page opens in their browser
4 Recipient Clicks Send verification email on the gift card page
5 Giftronaut Sends a new email containing a secure verification link with an embedded token (valid for 10 minutes)
6 Recipient Clicks the link in that email — verification succeeds and they are taken directly to the redemption page
The verification link contains a short-lived token embedded in the URL. Recipients never need to copy or type a code — a single click is all it takes.

Why this matters for your integration

The entire verification layer is built into Giftronaut. You get the following benefits with zero additional implementation work:

  • Blocks unauthorized redemptions. Only someone who controls the recipient's inbox can complete verification — forwarded redemption links and phishing attempts are stopped at the verification step.
  • Frictionless for recipients. There is nothing to memorize or type. Verification is a single email click — familiar to anyone who has ever reset a password.
  • No accounts required. Recipients verify through their existing email inbox. No sign-up, no password, no app installation.
  • Reduces disputed redemptions. Because each verification event is tied to an inbox action, there is a clear audit trail if a recipient disputes whether they received or redeemed a gift.
  • Compliance-friendly. Email ownership verification provides a meaningful level of identity assurance for incentive programs subject to gift-card or reporting regulations.

What you need to do

Nothing. Email verification is automatically enforced for every order. There is no API flag to enable and no webhook to handle.

Use accurate email addresses. The verification link is sent to the same address you provide in recipients[].email. If that address is incorrect, the recipient cannot complete verification. Use the Resend endpoint to correct an email address and re-send the gift.

Verification link details

DetailValue
Delivery methodEmail — a magic link with an embedded token
Link validity10 minutes from when the verification email is sent
Expired linkRecipient can request a new verification email from the gift card page
ScopeEach token is single-use and bound to the specific recipient and order