diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py
index 00e2a3b53..1e2aadcad 100644
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -28,7 +28,7 @@ def two_factor_email_sent():
     )
 
 
-@main.route('/email-auth/<token>', methods=['GET'])
+@main.route('/email-auth/<token>', methods=['GET', 'POST'])
 def two_factor_email(token):
     if current_user.is_authenticated:
         return redirect_when_logged_in(platform_admin=current_user.platform_admin)
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index 6b0e4d9d3..5b4dd45b3 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -253,6 +253,9 @@ def test_two_factor_should_activate_pending_user(
     assert mock_activate_user.called
 
 
+@pytest.mark.parametrize('http_method', (
+    'get', 'post',
+))
 def test_valid_two_factor_email_link_logs_in_user(
     client,
     valid_token,
@@ -260,10 +263,11 @@ def test_valid_two_factor_email_link_logs_in_user(
     mock_get_services_with_one_service,
     mocker,
     mock_create_event,
+    http_method,
 ):
     mocker.patch('app.user_api_client.check_verify_code', return_value=(True, ''))
 
-    response = client.get(
+    response = getattr(client, http_method)(
         url_for_endpoint_with_token('main.two_factor_email', token=valid_token),
     )