Do DocuSign envelope notification emails expire?

DocuSign Envelope Notification Email Link Expiration

All links to envelopes from DocuSign email notifications which do not have Recipient Authentication (Access Code, SMS, etc.) or Single Sign On (SSO) login requirements applied by the sender will expire after 5 clicks or 48 hours. Any envelope with Recipient Authentication applied will not be impacted by link expiration*.

  • Note: This behavior can be affected by the Security Settings on your account. Please see the Best Practices section below for more information.

How do I get access to my documents?

Note: If you have an Active DocuSign Account, you can log in to access your document instead of using the link. You can always access your documents by logging into your DocuSign account, even if the email link has expired.

Otherwise when you click on the expired link the first time, it will auto send new email notification and present a page advising that the link has expired and a new notification has been sent. 


For Your Security, We've Sent You a New Link. This link has expired.

All future clicks on the expired email link will offer to send a new email notification with a fresh link.


This link from your email has expired. To continue, request a new link or log into your DocuSign Account

Sender and Administrator - Best Practices

As a best practice, Administrators and Senders should ensure all envelopes have at least one Recipient Authentication method enabled. This both increases the security of your envelopes and (in most cases) avoids the notification expiration behavior.

  • Option 1 - Senders should manually apply an Access Code and/or one of our Recipient Authentication methods for each recipient on each envelope.
  • Option 2 - DocuSign Administrators can choose to impose stricter requirements and require all recipients to pass an authentication check before they can access and sign on any documents sent from the account. If authentication is required for your account, when you send envelopes, you will be required to add one of the Identity Authentication methods (phone, SMS, or knowledge-based) for each recipient. Please note that Access Code is not included in these Identity Authentication methods.​
  • ​Option 3 - DocuSign Administrators can require recipients to authenticate by logging into DocuSign before they can access envelopes.
If your primary function of applying Recipient Authentication is to avoid having your DocuSign Notification links expire, you will need to ensure that your Security Settings are configured to consistently enforce authentication. Please see an explanation of expiration behavior with regards to the various Security Settings below:
  • Scenario 1: Recipient Authentication Trigger is set to "The first time a recipient accesses an envelope per device" (with or without "Completed envelopes are accessible without additional authentication" enabled)
Security Settings - Authentication Triggers - First Access
  • With this configuration, DocuSign Envelope Notification links will not expire so long as the recipient has not yet completed authentication. We will prevent expiry only if the Recipient Authentication Trigger is set to "Every time a recipient accesses an envelope". Once the recipient has successfully authenticated, their Envelope Notifications are subject to expiration as if there is no authentication applied. Because the recipient will not be asked to authenticate again, DocuSign applies automatic expiration settings as a fail safe security measure. This means that after successfully authenticating, the link will expire after 5 accesses or 48 hours. Once the link has expired, the recipient will be asked to authenticate again from the new link before they are allowed to access the envelope. 
  • Scenario 2: Recipient Authentication Trigger is set to "Every time a recipient accesses an envelope" and Recipient Authentication Skip Option is set to "Recipients cannot skip authentication when accessing subsequent envelopes from the same sender"
Security Settings - Authentication Triggers - First Access, No Skip
  • With this configuration, DocuSign Envelope Notification links will not expire. Because the recipient is asked to authenticate on every access to the envelope, there is no need for DocuSign to apply automatic expiration settings as a fail safe.
  • Scenario 3: Recipient Authentication Trigger is set to "Every time a recipient accesses an envelope" and Recipient Authentication Skip Option is set to "Recipients can skip authentication when accessing subsequent envelopes...."
Security Settings - Authentication Triggers - First Access, Skip Enabled
  • With this configuration, only Identity Authentication options are allowed to be skipped. This means recipients with Access Code authentication are still asked to enter the Access Code to authenticate on each access. Because the skip option only applies to Identity Authentication, we may see various behaviors depending on the specific authentication methods applied to a recipient:
    • Scenario 3a: Recipient has only Access Code authentication applied
      • The recipient is asked to enter the Access Code for each access. As such, the Envelope Notification links are not subject to expiration
    • Scenario 3b: Recipient has only Identity Authentication applied 
      • The recipient is only asked to authenticate on the first access during the specified period. The signer may access the link up to 5 additional times before the end of the skip period without being asked to authenticate again and the link will expire on the sixth or greater access. When the recipient receives a new Envelope Notification, they will be asked to complete the Advanced Authentication method again.
    • Scenario 3c: Recipient has both Access Code and Identity Authentication applied
      • The recipient is asked to both enter the Access Code and complete the Advanced Authentication on their first access to the envelope. Subsequent accesses during the skip period will continue to require the Access Code but not the Advanced Authentication method. As at least one authentication method is still required to access the envelope, the Envelope Notification links are not subject to expiration.


Frequently Asked Questions

  • Q: Why did DocuSign implement email link expiration?
    • A: For the security of your documents. The reason email links expire is to improve the security of unauthenticated access to envelopes. The best solution is to enable Recipient Identity Authentication or login requirements via Security Settings in order to access documents in the account.
  • Q: What notification types are affected?
    • A: All DocuSign email notifications which contain a link to an envelope are affected. This includes links to both in-process and completed envelopes.
  • Q: What if I changed my email address since I received the notification and can no longer receive mail at the original email address? Can DocuSign forward the notification to my new address?
    • A: For security purposes, DocuSign cannot change the email address that we send the notification. If you no longer have access to the original email address, please contact the sender of the envelope to get a copy of the document.
  • Q: Why am I not receiving DocuSign email notifications?
    • A: There are many reasons why you may not receive DocuSign email notifications.
      1. Your email server or client may be blocking emails from DocuSign. See Why am I not getting DocuSign email notifications? for more information and troubleshooting steps.
      2. The notification you originally received may have been forwarded to you by the intended recipient. You can always contact the sender to request a copy of the envelope.
      3. If you are the intended recipient of the envelope, you can bypass the need for the email notification by logging into DocuSign to access the envelope from within your account.
  • Q: After a link has expired, how do I request a new link?
    • A: When you access an expired link for the first time, DocuSign automatically sends a new notification with a fresh link to the email address defined by the envelope's sender. Subsequent accesses to an expired link will give you a button to "Send new link," which when clicked will send a new notification with a fresh link to the email address defined by the envelope's sender. See Why am I not getting DocuSign email notifications? if you do not receive the new notification email.
  • Q: How is this method more secure if a new link can be generated automatically?
    • A: This change reduces the impact for cases when someone shares a link publicly such as Twitter or forwards an email. The automatically-generated new link is only sent to the intended recipient of the envelope.
  • Q: Does a new link request event display in the envelope's Certificate of Completion?
    • A: The sending of new links will show up in the Envelope History, but not the Certificate of Completion since this isn’t considered a new action in sending or signing.
  • Q: Can the page to generate a new link be branded? What does it look like?
    • A: This is a standard notice page which will reflect your account's custom branding. You can find examples of the default notifications earlier in this article. Please be sure to test your branding in Demo to verify how this page will look to your signers.

Learn More

Recipient Authentication