diff --git a/lib/config.yml b/lib/config.yml
index 4e8e77a2..dc8af365 100644
--- a/lib/config.yml
+++ b/lib/config.yml
@@ -198,8 +198,8 @@ web:
     errorUri: "/forgot?status=invalid_sptoken"
 
   # If idSite.enabled is true, the user should be redirected to ID site for
-  # login, registration, and password reset.  They should also be redirected
-  # through ID Site on logout.
+  # login, registration, and password reset/verification.  They should also be
+  # redirected through ID Site on logout.
   idSite:
     enabled: false
     uri: "/idSiteResult"
@@ -207,6 +207,7 @@ web:
     loginUri: ""
     forgotUri: "/#/forgot"
     registerUri: "/#/register"
+    verifyUri: "/#/verify"
 
   # Social login configuration.  This defines the callback URIs for OAuth
   # flows, and the scope that is requested of each provider.  Some providers
diff --git a/lib/stormpath.js b/lib/stormpath.js
index 4b6f50d7..97eb0122 100644
--- a/lib/stormpath.js
+++ b/lib/stormpath.js
@@ -210,8 +210,12 @@ module.exports.init = function (app, opts) {
     }
 
     if (web.verifyEmail.enabled) {
-      addGetRoute(web.verifyEmail.uri, controllers.verifyEmail);
-      addPostRoute(web.verifyEmail.uri, controllers.verifyEmail);
+      if (web.idSite.enabled) {
+        addGetRoute(web.verifyEmail.uri, controllers.idSiteRedirect({ path: web.idSite.verifyUri }));
+      } else {
+        addGetRoute(web.verifyEmail.uri, controllers.verifyEmail);
+        addPostRoute(web.verifyEmail.uri, controllers.verifyEmail);
+      }
     }
 
     if (web.me.enabled) {