Cornerspot

How recipients verify their identity with an access code in CornerSpot

Updated Jun 16, 2026 Signing Experience

For sensitive agreements, CornerSpot can require each recipient to enter a one-time access code before they can open the document. It's an extra identity check on top of the unique signing link. This guide explains how you turn it on as the sender, and exactly what your recipient experiences.

What is an access code (OTP)?

An access code is a 6-digit one-time code emailed to the recipient's address on file. When an envelope is sent with this option enabled, the recipient can't view the document until they request a code and enter it correctly. The code expires after 15 minutes and is good for a single use, so a forwarded link alone isn't enough to open the document.

Turn on an access code as the sender

You enable the access code on the envelope before you send it.

1. Open your draft envelope

From E-Sign, create or open a draft envelope and get it ready to send — at least one document, one recipient, and one field for a signer to complete.

The E-Signatures page in CornerSpot
The E-Signatures page, where you create and open envelopes.
A draft envelope in CornerSpot with a recipient and a placed field, ready to send
A draft envelope with a recipient and a placed field, ready to secure and send.

2. Open Settings and enable “Access code (OTP)”

In the builder's right rail, click Settings to open the Envelope settings panel. Turn on Access code (OTP) — “Require recipients to enter a one-time code” — then click Done to save. Settings are saved when you click Done and are applied to the signer access rules.

Turning on the Access code (OTP) option in the Envelope settings panel in CornerSpot
Turning on the Access code (OTP) option in Envelope settings.

3. Send the envelope

Click Send for signature. The confirmation dialog notes that recipients will need an access code (sent separately), alongside the recipients and roles. Confirm with Send envelope to deliver the signing links.

The Send envelope confirmation dialog in CornerSpot noting an access code is required
The send confirmation, noting an access code will be required.

What your recipient experiences

When the recipient clicks the link in their invitation email, they don't go straight to the document — they're asked to verify their identity first.

1. “Verify your identity”

The recipient sees a Verify your identity step explaining that the sender requires an access code. They click Send code to have a one-time code emailed to their address on file.

The Verify your identity access-code stage a recipient sees on the CornerSpot signing page
The recipient is asked to verify their identity with an access code.

2. Enter the code from the email

CornerSpot emails a 6-digit code in a separate message. The recipient copies it from that email and enters it in the Access code field. If it doesn't arrive, a Resend code option sends a fresh one (with a short cooldown between requests).

A recipient entering the 6-digit access code on the CornerSpot signing page
Entering the 6-digit access code on the signing page.

3. Verify and continue

The recipient clicks Verify and continue. Once the code checks out, the document unlocks and they proceed to consent and signing as normal.

The Verify and continue button on the CornerSpot signing page access-code step
Clicking Verify and continue to unlock the document.

If the code doesn't work

  • Mistyped or expired code: the page shows “Invalid or expired code.” The recipient can request a fresh one with Resend code — each code expires after 15 minutes and is single-use.
  • Too many attempts: repeated failures are rate-limited, with a short wait before trying again.
  • Code never arrives: ask the recipient to check spam, confirm you sent it to the right email, and use Resend code. Because the code goes to their address on file, it's also a quick way to confirm you have the correct contact details.

When to require an access code

  • Use it for sensitive or high-value agreements where you want an extra check that the right person is signing.
  • It pairs well with an expiration date and the audit trail for a tighter, verifiable signing process.
  • For routine, low-risk documents you can leave it off — the unique signing link is already specific to each recipient.

Was this article helpful?

Previous
How recipients sign and adopt a signature in CornerSpot

Related articles

SIGNING EXPERIENCE

How a recipient declines to sign, and what happens next, in CornerSpot

Understand the decline path — how a recipient chooses Decline to sign and enters a reason, and what follows: the envelope moves to Declined, you’re notified with the reason, and no one else can sign.

SIGNING EXPERIENCE

How recipients sign and adopt a signature in CornerSpot

See the recipient signing experience in CornerSpot — review and consent, complete the required fields, adopt a signature by typing, drawing, or uploading, then finish to get a signed copy.

SIGNING EXPERIENCE

What your recipients experience when signing a CornerSpot document

A tour of the signer side: what recipients see after clicking the email link — the branded review & consent page, the guided document view, and the completion page with a signed copy.