diff --git a/app/main/views/verify.py b/app/main/views/verify.py
index fe81b2b89..9e434ff65 100644
--- a/app/main/views/verify.py
+++ b/app/main/views/verify.py
@@ -63,6 +63,13 @@ def verify_email(token):
         return redirect(url_for('main.sign_in'))
 
     session['user_details'] = {"email": user.email_address, "id": user.id}
+
+    if user.email_auth:
+        try:
+            return activate_user(user.id)
+        finally:
+            session.pop('user_details', None)
+
     user.send_verify_code()
     return redirect(url_for('main.verify'))
 
diff --git a/tests/app/main/views/test_verify.py b/tests/app/main/views/test_verify.py
index e84ebae0a..1db9ef38c 100644
--- a/tests/app/main/views/test_verify.py
+++ b/tests/app/main/views/test_verify.py
@@ -8,6 +8,7 @@ from itsdangerous import SignatureExpired
 from notifications_python_client.errors import HTTPError
 
 from app.main.views.verify import activate_user
+from tests.conftest import create_user
 
 
 def test_should_return_verify_template(
@@ -109,12 +110,6 @@ def test_verify_email_redirects_to_verify_if_token_valid(
     token_data = {"user_id": api_user_pending['id'], "secret_code": 'UNUSED'}
     mocker.patch('app.main.views.verify.check_token', return_value=json.dumps(token_data))
 
-    with client_request.session_transaction() as session:
-        session['user_details'] = {
-            'email_address': api_user_pending['email_address'],
-            'id': api_user_pending['id'],
-        }
-
     client_request.get(
         'main.verify_email',
         token='notreal',
@@ -128,6 +123,36 @@ def test_verify_email_redirects_to_verify_if_token_valid(
         assert session['user_details'] == {'email': api_user_pending['email_address'], 'id': api_user_pending['id']}
 
 
+def test_verify_email_doesnt_verify_sms_if_user_on_email_auth(
+    client_request,
+    mocker,
+    mock_send_verify_code,
+    mock_check_verify_code,
+    mock_activate_user,
+    fake_uuid,
+):
+    pending_user_with_email_auth = create_user(auth_type='email_auth', state='pending', id=fake_uuid)
+
+    mocker.patch('app.user_api_client.get_user', return_value=pending_user_with_email_auth)
+    token_data = {"user_id": pending_user_with_email_auth['id'], "secret_code": 'UNUSED'}
+    mocker.patch('app.main.views.verify.check_token', return_value=json.dumps(token_data))
+
+    client_request.get(
+        'main.verify_email',
+        token='notreal',
+        _expected_redirect=url_for('main.add_service', first='first', _external=True),
+    )
+
+    assert not mock_check_verify_code.called
+    assert not mock_send_verify_code.called
+
+    mock_activate_user.assert_called_once_with(pending_user_with_email_auth['id'])
+
+    # user is logged in
+    with client_request.session_transaction() as session:
+        assert session['user_id'] == pending_user_with_email_auth['id']
+
+
 def test_verify_email_redirects_to_email_sent_if_token_expired(
     client_request,
     mocker,