diff --git a/app/user/rest.py b/app/user/rest.py
index 2aa2bda3a..49d018354 100644
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -130,9 +130,11 @@ def verify_user_code(user_id):
 if user_to_verify.failed_login_count >= current_app.config.get('MAX_VERIFY_CODE_COUNT'):
 raise InvalidRequest("Code not found", status_code=404)
 if not code:
+ # only relevant from sms
 increment_failed_login_count(user_to_verify)
 raise InvalidRequest("Code not found", status_code=404)
 if datetime.utcnow() > code.expiry_datetime or code.code_used:
+ # sms and email
 increment_failed_login_count(user_to_verify)
 raise InvalidRequest("Code has expired", status_code=400)
@@ -234,7 +236,7 @@ def send_user_confirm_new_email(user_id):
 'url': _create_confirmation_url(user=user_to_send_to, email_address=email['email']),
 'feedback_url': current_app.config['ADMIN_BASE_URL'] + '/support'
 },
- notification_type=EMAIL_TYPE,
+ notification_type=template.template_type,
 api_key_id=None,
 key_type=KEY_TYPE_NORMAL
 )
@@ -260,7 +262,7 @@ def send_new_user_email_verification(user_id):
 'name': user_to_send_to.name,
 'url': _create_verification_url(user_to_send_to)
 },
- notification_type=EMAIL_TYPE,
+ notification_type=template.template_type,
 api_key_id=None,
 key_type=KEY_TYPE_NORMAL
 )
@@ -286,7 +288,7 @@ def send_already_registered_email(user_id):
 'forgot_password_url': current_app.config['ADMIN_BASE_URL'] + '/forgot-password',
 'feedback_url': current_app.config['ADMIN_BASE_URL'] + '/support'
 },
- notification_type=EMAIL_TYPE,
+ notification_type=template.template_type,
 api_key_id=None,
 key_type=KEY_TYPE_NORMAL
 )
@@ -348,7 +350,7 @@ def send_user_reset_password():
 'user_name': user_to_send_to.name,
 'url': _create_reset_password_url(user_to_send_to.email_address)
 },
- notification_type=EMAIL_TYPE,
+ notification_type=template.template_type,
 api_key_id=None,
 key_type=KEY_TYPE_NORMAL
 )
diff --git a/app/user/users_schema.py b/app/user/users_schema.py
index 357ab9f4a..4f4b27f8c 100644
--- a/app/user/users_schema.py
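Review bot: The two comments added in verify_user_code name a channel but not the reason, so the next reader cannot tell why a missing code is "only relevant from sms". If the reason is that sms codes are typed by the user while email codes arrive inside a link, say so, for example `# no matching code: only reachable for sms, where the user types the code`. The `# sms and email` comment also implies that an email link opened a second time lands in the expired-or-used branch and increments failed_login_count; since the first check in this hunk returns 404 for every code once MAX_VERIFY_CODE_COUNT is reached, it is worth confirming that a re-opened link is meant to count towards that limit. The function body starts and continues outside the hunk.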
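Review bot: In send_user_confirm_new_email the new `notification_type=template.template_type` takes the type from whatever template row was loaded, where the old line pinned EMAIL_TYPE. The same applies to the hunks in send_new_user_email_verification, send_already_registered_email and send_user_reset_password. These are account-security messages that, judging by their names, always go to an email address, so a template id pointing at a non-email template would now be persisted with a mismatched type instead of being caught. The template lookup is outside these hunks, so this may already be guaranteed there. If it is not, a guard before the call such as `if template.template_type != EMAIL_TYPE:` followed by a server-side error keeps the old invariant, and a test asserting the persisted notification_type would cover it.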
+++ b/app/user/users_schema.py
@@ -13,7 +13,10 @@ post_verify_code_schema = {
 post_send_user_email_code_schema = {
 '$schema': 'http://json-schema.org/draft-04/schema#',
- 'description': 'POST schema for generating a 2fa email',
+ 'description': (
+ 'POST schema for generating a 2fa email - "to" is required for legacy purposes. '
+ '"next" is an optional url to redirect to on sign in'
+ ),
 'type': 'object',
 'properties': {
 # doesn't need 'to' as we'll just grab user.email_address. but lets keep it
@@ -28,7 +31,7 @@ post_send_user_email_code_schema = {
 post_send_user_sms_code_schema = {
 '$schema': 'http://json-schema.org/draft-04/schema#',
- 'description': 'POST schema for generating a 2fa email',
+ 'description': 'POST schema for generating a 2fa sms',
 'type': 'object',
 'properties': {
 'to': {'type': ['string', 'null']},
diff --git a/tests/app/user/test_rest_verify.py b/tests/app/user/test_rest_verify.py
index e41dacc2c..4d83ee9f1 100644
--- a/tests/app/user/test_rest_verify.py
+++ b/tests/app/user/test_rest_verify.py
@@ -12,9 +12,9 @@ from freezegun import freeze_time
 from app.dao.users_dao import create_user_code
 from app.dao.services_dao import dao_update_service, dao_fetch_service_by_id
 from app.models import (
- VerifyCode,
- User,
 Notification,
+ User,
+ VerifyCode,
 EMAIL_TYPE,
 SMS_TYPE
 )
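Review bot: The new description of post_send_user_email_code_schema documents "next" as a url to redirect to on sign in, but nothing visible here says how that value is constrained. A caller-supplied redirect target that ends up in a sign-in link is a classic open-redirect vector. The `properties` block continues outside the hunk, so the definition of `next` cannot be checked from here; if it is a free-form string, the schema or the consumer should restrict it to same-site relative paths. The description could state that contract, e.g. `'"next" is an optional same-site relative url to redirect to on sign in'`.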