Met Websecurity Confirmaccount
## WebSecurity.ConfirmAccount() Method
The `WebSecurity.ConfirmAccount()` method is used to confirm and activate a user account using a unique account confirmation token. This is a core method in ASP.NET Web Pages (SimpleMembership) used to implement email verification workflows.
---
## Definition
The `ConfirmAccount()` method validates the provided confirmation token against the membership database. If the token is valid and has not expired, the associated user account is marked as confirmed (activated), allowing the user to log in.
---
## Syntax
### C# Syntax
```csharp
public static bool ConfirmAccount(string accountConfirmationToken)
```
### VB.NET Syntax
```vb
Public Shared Function ConfirmAccount(accountConfirmationToken As String) As Boolean
```
---
## Parameters
| Parameter | Type | Description |
| :--- | :--- | :--- |
| *accountConfirmationToken* | `String` | The unique confirmation token that was generated when the account was created. |
---
## Return Value
| Type | Description |
| :--- | :--- |
| `Boolean` | Returns `true` if the account was successfully confirmed; otherwise, `false` (e.g., if the token is invalid, expired, or already used). |
---
## Code Examples
The following examples demonstrate how to retrieve a confirmation token from a query string (usually sent via an email link), log out any currently active session, and attempt to confirm the account.
### C# Example
```csharp
string message = "";
// Retrieve the confirmation token from the URL query string
var confirmationToken = Request;
// Log out the current user to prevent session conflicts during activation
WebSecurity.Logout();
if (!confirmationToken.IsEmpty())
{
if (WebSecurity.ConfirmAccount(confirmationToken))
{
message = "Registration confirmed. You can now log in.";
}
else
{
message = "Could not confirm your registration. The token may be invalid or expired.";
}
}
```
### VB.NET Example
```vb
Dim message As String = ""
' Retrieve the confirmation token from the URL query string
Dim confirmationToken = Request("confirmationCode")
' Log out the current user to prevent session conflicts during activation
WebSecurity.Logout()
If Not confirmationToken.IsEmpty() Then
If WebSecurity.ConfirmAccount(confirmationToken) Then
message = "Registration confirmed. You can now log in."
Else
message = "Could not confirm your registration. The token may be invalid or expired."
End If
End If
```
---
## Remarks & Workflow
1. **Token Generation**: The confirmation token is typically generated when the account is first created using methods such as `WebSecurity.CreateUserAndAccount()` (with the `requireConfirmationToken` parameter set to `true`).
2. **Email Verification**: The standard workflow involves sending this token to the user's registered email address as part of a verification link (e.g., `https://yourdomain.com/Confirm?confirmationCode=TOKEN_VALUE`).
3. **Activation**: When the user clicks the link, your application reads the token from the query string and passes it to `WebSecurity.ConfirmAccount()`.
---
## Errors and Exceptions
An `InvalidOperationException` will be thrown if:
* The `WebSecurity.InitializeDatabaseConnection()` method has not been called to initialize the membership system.
* **SimpleMembership** is not initialized or has been explicitly disabled in the website configuration.
---
## Technical Reference
| Name | Value |
| :--- | :--- |
| **Namespace** | `WebMatrix.WebData` |
| **Assembly** | `WebMatrix.WebData.dll` |
YouTip