![outlook identity verification app outlook identity verification app](https://osiprodeusodcspstoa01.blob.core.windows.net/en-us/media/9e506577-7621-4170-b816-6b9f04ffad1f.png)
While DKIM and SPF are sufficient for some scenarios, that solution will not work in some situations where emails are sent via an external provider, which can lead to recipients not experiencing the enhanced actionable message. Your actionable message emails must either originate from servers that implement DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF), or you must implement signed cards. Office 365 requires sender verification in order to enable actionable messages via email. This is optional, but highly recommended. Include Limited Purpose Token from your service as part of the target URL, which can be used by your service to correlate the service URL with the intended request & user.Verification can also be done leveraging the sample libraries provided by Microsoft. Verify the bearer token (a JSON Web token) included in the header of the HTTP POST request.Action processing phase: When processing an action, your service should:.
![outlook identity verification app outlook identity verification app](https://hirebridge.zendesk.com/hc/article_attachments/360041232132/Screen_Shot_2019-10-21_at_3.48.42_PM.png)
![outlook identity verification app outlook identity verification app](https://blog.ironbastion.com.au/content/images/2018/05/enter-code-twostep-verif-outlook-msa.jpg)
There are two phases within the end-to-end experience that impose security requirements on your service when supporting actionable messages with Office 365. Securing actionable email is simple and easy.