diff --git a/app/controllers/users/activate_controller.rb b/app/controllers/users/activate_controller.rb
index 657e2cf7c..cadf2f9c1 100644
--- a/app/controllers/users/activate_controller.rb
+++ b/app/controllers/users/activate_controller.rb
@@ -30,6 +30,20 @@ class Users::ActivateController < ApplicationController
 end
 end
+ def confirm_email
+ user = User.find_by(confirmation_token: params[:token])
+ if user && user.email_verified_at
+ flash[:notice] = "Votre email est déjà vérifié"
+ elsif user && user.confirmation_sent_at > 2.days.ago
+ user.update!(email_verified_at: Time.zone.now)
+ flash[:notice] = 'Votre email a bien été vérifié'
+ else
+ flash[:alert] = "le lien est trop vieux"
+ #to do relancer un lien if user
+ end
+ redirect_to root_path(user)
+ end
+
 private
 def user_params
diff --git a/app/controllers/users/dossiers_controller.rb b/app/controllers/users/dossiers_controller.rb
index 3e322e618..ad2892394 100644
--- a/app/controllers/users/dossiers_controller.rb
+++ b/app/controllers/users/dossiers_controller.rb
@@ -147,10 +147,14 @@ module Users
 def update_identite
 @dossier = dossier
 @no_description = true
+ email = dossier_params[:individual_attributes][:email]
 if @dossier.update(dossier_params) && @dossier.individual.valid?
- # TODO: remove this after proper mandat email validation
- @dossier.individual.update!(email_verified_at: Time.zone.now)
+ # verify for_tiers email
+ if email.present?
+ User.create_or_promote_to_tiers(email, SecureRandom.hex, @dossier)
+ end
+
 @dossier.update!(autorisation_donnees: true, identity_updated_at: Time.zone.now)
 flash.notice = t('.identity_saved')
diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
index 58a28f96f..d6fb81b49 100644
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
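Review bot: In `confirm_email` (app/controllers/users/activate_controller.rb), `user.confirmation_sent_at > 2.days.ago` raises NoMethodError for a row that has a `confirmation_token` but no `confirmation_sent_at`, so that case returns a 500 instead of the expiry message. `elsif user&.confirmation_sent_at && user.confirmation_sent_at > 2.days.ago` keeps it on the `else` branch. The success branch leaves `confirmation_token` set, so the link keeps identifying the account after use; clearing it in the same `update!` would make it single-use, at the cost of the "déjà vérifié" message on a second click. `redirect_to root_path(user)` passes `nil` on the failure branch, and the argument looks unintended for a root route.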
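Review bot: In `update_identite` (app/controllers/users/dossiers_controller.rb), `dossier_params[:individual_attributes][:email]` raises NoMethodError when the request carries no `individual_attributes`, before `@dossier.update` can reject it; `email = dossier_params.dig(:individual_attributes, :email)` avoids that. The new branch also creates a User row and queues a mail for whatever address the submitter typed, on every successful save while that address is still unverified. No throttle is visible in this hunk, so a per-dossier or per-address limit before `User.create_or_promote_to_tiers` would keep the form from sending repeated mail to third parties. The body of `update_identite` continues outside the hunk.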
@@ -48,6 +48,21 @@ class UserMailer < ApplicationMailer
 reply_to: Current.contact_email)
 end
+ def invite_tiers(user, token, dossier)
+ @token = token
+ @user = user
+ @dossier = dossier
+ subject = "Vérification de votre mail"
+
+ configure_defaults_for_user(user)
+
+ bypass_unverified_mail_protection!
+
+ mail(to: user.email,
+ subject: subject,
+ reply_to: Current.contact_email)
+ end
+
 def invite_gestionnaire(user, reset_password_token, groupe_gestionnaire)
 @reset_password_token = reset_password_token
 @user = user
diff --git a/app/models/user.rb b/app/models/user.rb
index 1cf2bc3fc..c792bbf18 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -83,6 +83,12 @@ class User < ApplicationRecord
 UserMailer.invite_instructeur(self, set_reset_password_token).deliver_later
 end
+ def invite_tiers!(dossier)
+ token = SecureRandom.hex(10)
+ self.update!(confirmation_token: token, confirmation_sent_at: Time.zone.now)
+ UserMailer.invite_tiers(self, token, dossier).deliver_later
+ end
+
 def invite_gestionnaire!(groupe_gestionnaire)
 UserMailer.invite_gestionnaire(self, set_reset_password_token, groupe_gestionnaire).deliver_later
 end
@@ -130,6 +136,17 @@ class User < ApplicationRecord
 user
 end
+ def self.create_or_promote_to_tiers(email, password, dossier)
+ user = User
+ .create_with(password: password, confirmed_at: Time.zone.now)
+ .find_or_create_by(email: email)
+
+ if user.valid? && user.unverified_email?
+ user.invite_tiers!(dossier)
+ end
+ user
+ end
+
 def self.create_or_promote_to_administrateur(email, password)
 user = User.create_or_promote_to_instructeur(email, password)
diff --git a/app/views/user_mailer/invite_tiers.html.haml b/app/views/user_mailer/invite_tiers.html.haml
new file mode 100644
index 000000000..919918a27
--- /dev/null
+++ b/app/views/user_mailer/invite_tiers.html.haml
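Review bot: `invite_tiers` in app/mailers/user_mailer.rb calls `bypass_unverified_mail_protection!` with no comment saying why, and this is the one mail deliberately sent to an address nobody has verified yet. I would add above the call `# The recipient is unverified by definition: this mail carries the link that verifies the address.` so a later reader does not copy the bypass into other mailer methods. A short method comment stating that `token` is the raw value embedded in the confirmation link would also help.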
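Review bot: `invite_tiers!` (app/models/user.rb, first hunk) stores its token in `confirmation_token` / `confirmation_sent_at`, which look like the columns Devise's confirmable flow uses (the second hunk sets `confirmed_at`). If so, an invite triggered by another user's dossier overwrites any pending account-confirmation token for that address, and the tiers token may also be accepted by the Devise confirmation endpoint. A dedicated column for the email-verification token would keep the two flows apart. Each call also replaces the previous token, so an earlier mail's link stops working without notice to the recipient. The `self.` receiver on `update!` is redundant.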
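Review bot: `create_or_promote_to_tiers` (app/models/user.rb, second hunk) creates the account with `confirmed_at: Time.zone.now`, so it is marked confirmed for an address typed by a third party before anyone has shown control of the mailbox. Only `email_verified_at` records the real check; if other code treats `confirmed_at` as proof of ownership (not visible here), it should stay unset until `confirm_email` succeeds. When `find_or_create_by` returns an invalid record, `user.valid?` is false and the invite is skipped silently. A log line on that branch would make the missing mail traceable.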
@@ -0,0 +1,18 @@
+- content_for(:title, "Vérification de votre mail sur #{Current.application_name}")
+
+%p
+ Bonjour,
+
+%p
+ Un dossier sur la démarche : #{@dossier.procedure.libelle} a été démarré en votre nom par #{@dossier.user.email}.
+
+
+%p
+ Pour continuer à recevoir les mails concernant votre dossier, vous devez confirmer votre adresse email en cliquant sur ce lien :
+
+ = link_to(users_confirm_email_url(token: @token), users_confirm_email_url(token: @token))
+
+%p
+ Pour en savoir plus, veuillez vous rapprocher de #{@dossier.user.email}.
+
+= render partial: "layouts/mailers/signature"
diff --git a/config/routes.rb b/config/routes.rb
index 06f613da0..d76e0c5bf 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -276,6 +276,7 @@ Rails.application.routes.draw do
 get 'activate' => '/users/activate#new'
 patch 'activate' => '/users/activate#create'
+ get 'confirm_email/:token' => '/users/activate#confirm_email', as: :confirm_email
 end
 # order matters: we don't want those routes to match /admin/procedures/:id
diff --git a/spec/mailers/previews/user_mailer_preview.rb b/spec/mailers/previews/user_mailer_preview.rb
index 39b285c9c..84d3a0830 100644
--- a/spec/mailers/previews/user_mailer_preview.rb
+++ b/spec/mailers/previews/user_mailer_preview.rb
@@ -24,6 +24,10 @@ class UserMailerPreview < ActionMailer::Preview
 UserMailer.invite_instructeur(user, 'aedfa0d0')
 end
+ def invite_tiers
+ UserMailer.invite_tiers(user, 'aedfa0d0', Dossier.first )
+ end
+
 def invite_gestionnaire
 groupe_gestionnaire = GroupeGestionnaire.new(name: 'Root admins group')
 UserMailer.invite_gestionnaire(user, 'aedfa0d0', groupe_gestionnaire)
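Review bot: The body of invite_tiers.html.haml never tells the recipient that the link expires, although `confirm_email` rejects tokens older than `2.days.ago` and the controller's re-send is still a to-do. A line after the `link_to`, such as `Ce lien est valable 48 heures.`, would tell the recipient when the link stops working. The same `users_confirm_email_url(token: @token)` expression is evaluated twice; assigning it once to a local (`- url = users_confirm_email_url(token: @token)`) keeps the link text and the href from drifting apart.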
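Review bot: The new `confirm_email/:token` route in config/routes.rb puts the token in the path of a GET request, so it is written in clear on the request log line and to any proxy log in front of the app. Rails parameter filtering masks query-string values on that line but not path segments. Declaring `get 'confirm_email' => '/users/activate#confirm_email', as: :confirm_email` and passing the token as `?token=` lets `filter_parameters` mask it, if `:token` is listed there (not visible here). Because the GET also changes state, a mail gateway that prefetches links will complete the verification without the recipient clicking. The enclosing scope block starts outside the hunk.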