diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb
new file mode 100644
index 000000000..4b6a37372
--- /dev/null
+++ b/app/controllers/auth/confirmations_controller.rb
@@ -0,0 +1,9 @@
+class Auth::ConfirmationsController < Devise::ConfirmationsController
+  def create
+    super
+  end
+
+  def show
+    super
+  end
+end
diff --git a/app/mailers/devise_notify_mailer.rb b/app/mailers/devise_notify_mailer.rb
index 3d44cbec2..0a260dc3d 100644
--- a/app/mailers/devise_notify_mailer.rb
+++ b/app/mailers/devise_notify_mailer.rb
@@ -13,7 +13,7 @@ class DeviseNotifyMailer < Devise::Mailer
     )
   end
 
-  def reset_password_instructions(record, token, _opts = {})
+  def personalisation(record, token)
     url = public_send("edit_#{record.class.name.underscore}_password_url")
     personalisation = {
       name: record.name || record.email,
@@ -21,13 +21,24 @@ class DeviseNotifyMailer < Devise::Mailer
       organisation: record.respond_to?(:organisation) ? record.organisation.name : "",
       link: "#{url}?reset_password_token=#{token}",
     }
-    send_email(record.email, record.reset_password_notify_template, personalisation)
   end
 
-  # def confirmation_instructions(record, token, _opts = {})
-  #   super
-  # end
-  #
+  def reset_password_instructions(record, token, _opts = {})
+    send_email(
+      record.email,
+      record.reset_password_notify_template,
+      personalisation(record, token)
+    )
+  end
+
+  def confirmation_instructions(record, token, _opts = {})
+    send_email(
+      record.email,
+      record.confirmable_template,
+      personalisation(record, token)
+    )
+  end
+
   # def unlock_instructions(record, token, opts = {})
   #   super
   # end
diff --git a/app/models/user.rb b/app/models/user.rb
index 6cb41585b..5e8f0f627 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,8 +1,8 @@
 class User < ApplicationRecord
   # Include default devise modules. Others available are:
-  # :confirmable, :timeoutable and :omniauthable
+  # :omniauthable
   devise :database_authenticatable, :recoverable, :rememberable, :validatable,
-         :trackable, :lockable, :two_factor_authenticatable
+         :trackable, :lockable, :two_factor_authenticatable, :confirmable, :timeoutable
 
   belongs_to :organisation
   has_many :owned_case_logs, through: :organisation
@@ -66,10 +66,14 @@ class User < ApplicationRecord
 
   MFA_TEMPLATE_ID = "6bdf5ee1-8e01-4be1-b1f9-747061d8a24c".freeze
   RESET_PASSWORD_TEMPLATE_ID = "2c410c19-80a7-481c-a531-2bcb3264f8e6".freeze
-  SET_PASSWORD_TEMPLATE_ID   = "257460a6-6616-4640-a3f9-17c3d73d9e91".freeze
+  CONFIRMABLE_TEMPLATE_ID   = "257460a6-6616-4640-a3f9-17c3d73d9e91".freeze
 
   def reset_password_notify_template
-    last_sign_in_at ? RESET_PASSWORD_TEMPLATE_ID : SET_PASSWORD_TEMPLATE_ID
+    RESET_PASSWORD_TEMPLATE_ID
+  end
+
+  def confirmable_template
+    CONFIRMABLE_TEMPLATE_ID
   end
 
   def need_two_factor_authentication?(_request)
diff --git a/app/views/devise/confirmations/new.html.erb b/app/views/devise/confirmations/new.html.erb
index fe57a4a06..1b9ca13ea 100644
--- a/app/views/devise/confirmations/new.html.erb
+++ b/app/views/devise/confirmations/new.html.erb
@@ -1,15 +1,32 @@
-<h2>Resend confirmation instructions</h2>
+<% content_for :title, "Resend invitation link" %>
+
+<% content_for :before_content do %>
+  <%= govuk_back_link(
+    text: "Back",
+    href: :back,
+  ) %>
+<% end %>
 
 <%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
-  <%= render "devise/shared/error_messages", resource: resource %>
+  <div class="govuk-grid-row">
+    <div class="govuk-grid-column-two-thirds">
+      <%= f.govuk_error_summary %>
+
+      <h1 class="govuk-heading-l">
+        <%= content_for(:title) %>
+      </h1>
+
+      <p class="govuk-body">Enter your email address to get a new invitation link.</p>
 
-  <%= f.govuk_email_field :email,
-    label: { text: "Email address" },
-    autocomplete: "email",
-    spellcheck: "false",
-    value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
+      <%= f.govuk_email_field :email,
+        label: { text: "Email address" },
+        autocomplete: "email",
+        spellcheck: "false",
+        value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
 
-  <%= f.govuk_submit "Resend confirmation instructions" %>
+      <%= f.govuk_submit "Send email" %>
+    </div>
+  </div>
 <% end %>
 
 <%= render "devise/shared/links" %>
diff --git a/app/views/devise/passwords/reset_password.html.erb b/app/views/devise/passwords/reset_password.html.erb
index 04353c7b2..6399a99d9 100644
--- a/app/views/devise/passwords/reset_password.html.erb
+++ b/app/views/devise/passwords/reset_password.html.erb
@@ -11,6 +11,7 @@
   <%= f.hidden_field :reset_password_token %>
   <div class="govuk-grid-row">
     <div class="govuk-grid-column-two-thirds">
+      <% binding.pry %>
       <%= f.govuk_error_summary %>
 
       <h1 class="govuk-heading-l">
diff --git a/config/routes.rb b/config/routes.rb
index 3c8995519..f8269ed12 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -26,6 +26,7 @@ Rails.application.routes.draw do
   devise_for :users, {
     path: :account,
     controllers: {
+      confirmations: "auth/confirmations",
       passwords: "auth/passwords",
       sessions: "auth/sessions",
       two_factor_authentication: "auth/two_factor_authentication",
diff --git a/db/migrate/20220517093906_add_confirmable_users.rb b/db/migrate/20220517093906_add_confirmable_users.rb
new file mode 100644
index 000000000..46a050266
--- /dev/null
+++ b/db/migrate/20220517093906_add_confirmable_users.rb
@@ -0,0 +1,11 @@
+class AddConfirmableUsers < ActiveRecord::Migration[7.0]
+  def change
+    change_table :users, bulk: true do |t|
+      t.column :confirmation_token, :string
+      t.column :confirmed_at, :datetime
+      t.column :confirmation_sent_at, :datetime
+      t.string :unconfirmed_email
+    end
+    add_index :users, :confirmation_token, unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index a65c0df64..0fa555d87 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -343,6 +343,11 @@ ActiveRecord::Schema[7.0].define(version: 2022_05_18_115438) do
     t.datetime "direct_otp_sent_at", precision: nil
     t.datetime "totp_timestamp", precision: nil
     t.boolean "active", default: true
+    t.string "confirmation_token"
+    t.datetime "confirmed_at", precision: nil
+    t.datetime "confirmation_sent_at", precision: nil
+    t.string "unconfirmed_email"
+    t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["encrypted_otp_secret_key"], name: "index_users_on_encrypted_otp_secret_key", unique: true
     t.index ["organisation_id"], name: "index_users_on_organisation_id"
diff --git a/lib/tasks/onboarding_emails.rake b/lib/tasks/onboarding_emails.rake
index 6610358db..e0282ada9 100644
--- a/lib/tasks/onboarding_emails.rake
+++ b/lib/tasks/onboarding_emails.rake
@@ -12,11 +12,7 @@ namespace :onboarding_emails do
     organisation.users.each do |user|
       next unless URI::MailTo::EMAIL_REGEXP.match?(user.email)
 
-      onboarding_template_id = "b48bc2cd-5887-4611-8296-d0ab3ed0e7fd".freeze
-      token = user.send(:set_reset_password_token)
-      url = "#{host}/account/password/edit?reset_password_token=#{token}"
-      personalisation = { name: user.name || user.email, link: url }
-      DeviseNotifyMailer.new.send_email(user.email, onboarding_template_id, personalisation)
+      user.send_confirmation_instructions
     end
   end
 end