Email Verification
The Arena platform supports requiring users to verify their email address before they register. If email verification is enabled, users will be sent an email with a code (OTP) that they must enter to verify their email address, before they can register. Email verification is enabled by default (highly recommended), though it can be configured to be disabled.
Rate Limiting
The Arena platform rate limits the number of email verification requests that can be made by a single IP address to prevent abuse.
Use CAPTCHA to Protect Against Bots
Email verification is not ideally meant to prevent spam registrations especially by bots,. You should use any one of the supported CAPTCHA provider from the platform integrations page to prevent spam registrations from bots. This is because bots can spam the email verification system, and cause service disruptions.
If participants are registering from their institutional or professional email addresses, they may not be able to receive the verification email, because their email servers may quarantine the email for some hours or block unknown senders. In such cases, as organizers you may manually import participants into the platform, ask them to use personal email addresses, or use SSO/OAuth (in case all participants are from same organization).
For SSO & OAuth Users
For SSO and OAuth users, the email verification process is handled by the SSO or OAuth provider. No additional email is sent to the user, or OTP code is required to be entered by the user to register.
Skipping Email Verification
Organizers can optionally also turn off enforcing email verification, though this is not recommended.
Also, when a user is invited to an event using an invitation code sent to their email address, the email verification process is skipped, and the user is automatically verified. Similarly, email verification is skipped when a user is imported/added via a CSV by an organizer.