diff --git a/app/lib/seeds.rb b/app/lib/seeds.rb
index 4c4467314..a8f49a97c 100644
--- a/app/lib/seeds.rb
+++ b/app/lib/seeds.rb
@@ -5,6 +5,7 @@ def perform
 
     create_authorization_requests_for_clamart
     create_authorization_requests_for_dinum
+    create_validated_authorization_request(:portail_hubee_demarche_certdc, attributes: { description: nil })
   end
 
   def flushdb
@@ -161,10 +162,10 @@ def create_organization(siret:, name:)
   def create_draft_authorization_request(kind, attributes: {})
     create_authorization_request_model(
       kind,
-      attributes: attributes.merge(
+      attributes: {
         fill_all_attributes: true,
         description: random_description,
-      )
+      }.merge(attributes).compact
     )
   end
 
diff --git a/app/views/authorization_request_mailer/api_impot_particulier_sandbox/approve.text.erb b/app/views/authorization_request_mailer/api_impot_particulier_sandbox/approve.text.erb
new file mode 100644
index 000000000..801a33fc7
--- /dev/null
+++ b/app/views/authorization_request_mailer/api_impot_particulier_sandbox/approve.text.erb
@@ -0,0 +1,13 @@
+<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant.full_name } %>
+
+<%=
+  t(
+    '.description',
+    authorization_request_id: @authorization_request.id,
+    authorization_request_name: @authorization_request.name,
+    authorization_request_url: authorization_request_url(@authorization_request),
+    authorization_request_next_stage_url: next_authorization_request_stage_url(@authorization_request)
+  )
+%>
+
+<%= render partial: 'mailer/shared/applicant/footer', locals: { authorization_definition_name: @authorization_request.definition.name } %>
diff --git a/app/views/authorization_request_mailer/reopening_approve.text.erb b/app/views/authorization_request_mailer/reopening_approve.text.erb
index 488557143..d8ad37767 100644
--- a/app/views/authorization_request_mailer/reopening_approve.text.erb
+++ b/app/views/authorization_request_mailer/reopening_approve.text.erb
@@ -1,4 +1,4 @@
-<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant } %>
+<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant.full_name } %>
 
 <%=
   t(
diff --git a/app/views/authorization_request_mailer/reopening_refuse.text.erb b/app/views/authorization_request_mailer/reopening_refuse.text.erb
index 55ad3e00e..0e5bccae5 100644
--- a/app/views/authorization_request_mailer/reopening_refuse.text.erb
+++ b/app/views/authorization_request_mailer/reopening_refuse.text.erb
@@ -1,4 +1,4 @@
-<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant } %>
+<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant.full_name } %>
 
 <%=
   t(
diff --git a/app/views/authorization_request_mailer/reopening_request_changes.text.erb b/app/views/authorization_request_mailer/reopening_request_changes.text.erb
index 41a976dc3..77aac32e7 100644
--- a/app/views/authorization_request_mailer/reopening_request_changes.text.erb
+++ b/app/views/authorization_request_mailer/reopening_request_changes.text.erb
@@ -1,4 +1,4 @@
-<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant } %>
+<%= render partial: 'mailer/shared/applicant/header', locals: { entity_name: @authorization_request.applicant.full_name } %>
 
 <%=
   t(
diff --git a/config/environments/sandbox.rb b/config/environments/sandbox.rb
index 90c321c61..4e122f3e7 100644
--- a/config/environments/sandbox.rb
+++ b/config/environments/sandbox.rb
@@ -1,7 +1,7 @@
-require "active_support/core_ext/integer/time"
+require 'active_support/core_ext/integer/time'
 
 Rails.application.configure do
-  config.host = ENV.fetch("HOST", "localhost:3000")
+  config.host = ENV.fetch('HOST', 'localhost:3000')
 
   # Settings specified here will take precedence over those in config/application.rb.
 
@@ -53,19 +53,19 @@
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
   config.force_ssl = true
 
-  if ENV["RAILS_LOG_TO_STDOUT"].present?
+  if ENV['RAILS_LOG_TO_STDOUT'].present?
     config.logger = ActiveSupport::Logger.new(STDOUT)
-      .tap  { |logger| logger.formatter = ::Logger::Formatter.new }
+      .tap  { |logger| logger.formatter = Logger::Formatter.new }
       .then { |logger| ActiveSupport::TaggedLogging.new(logger) }
   end
 
   # Prepend all log lines with the following tags.
-  config.log_tags = [ :request_id ]
+  config.log_tags = [:request_id]
 
   # Info include generic and useful information about system operation, but avoids logging too much
   # information to avoid inadvertent exposure of personally identifiable information (PII). If you
   # want to log everything, set the level to "debug".
-  config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
+  config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info')
 
   # Use a different cache store in production.
   # config.cache_store = :mem_cache_store
@@ -74,6 +74,7 @@
   config.active_job.queue_adapter = :good_job
   # config.active_job.queue_name_prefix = "data_pass_production"
 
+  config.action_mailer.show_previews = true
   config.action_mailer.delivery_method = :mailjet
   config.action_mailer.perform_caching = false
 
diff --git a/config/locales/mailer.fr.yml b/config/locales/mailer.fr.yml
index 3f1fc4bec..51c912ecf 100644
--- a/config/locales/mailer.fr.yml
+++ b/config/locales/mailer.fr.yml
@@ -15,6 +15,14 @@ fr:
           text: L'équipe DataPass
 
   authorization_request_mailer:
+    api_impot_particulier_sandbox:
+      approve:
+        description: |
+          Votre habilitation "%{authorization_request_name}" (numéro %{authorization_request_id}) a été validée par nos équipes.
+
+          Vous pouvez consulter votre habilitation en suivant le lien suivant: %{authorization_request_url}
+
+          Vous pouvez dès à présent poursuivre votre demande pour demander l’accès en production via ce lien : %{authorization_request_next_stage_url}
     approve:
       subject: Votre habilitation numéro %{authorization_request_id} vient d'être validée
       description: |
diff --git a/spec/mailers/previews/authorization_request_preview.rb b/spec/mailers/previews/authorization_request_preview.rb
index 9b76b167f..03f46490c 100644
--- a/spec/mailers/previews/authorization_request_preview.rb
+++ b/spec/mailers/previews/authorization_request_preview.rb
@@ -1,12 +1,25 @@
 class AuthorizationRequestPreview < ActionMailer::Preview
-  %w[changes_requested refused revoked validated].each do |state|
-    [state, "reopening_#{state}"].each do |mth|
+  {
+    changes_requested: :request_changes,
+    refused: :refuse,
+    revoked: :revoke,
+    validated: :approve
+  }.each do |state, event|
+    [event, "reopening_#{event}"].each do |mth|
+      next if mth == 'reopening_revoke'
+
       define_method mth do
         authorization_request_mailer_method(state, mth)
       end
     end
   end
 
+  def approve_dgfip_sandbox
+    AuthorizationRequestMailer.with(
+      authorization_request: AuthorizationRequest::APIImpotParticulierSandbox.where(state: :validated).first
+    ).approve
+  end
+
   private
 
   def authorization_request_mailer_method(state, mth)
diff --git a/spec/mailers/previews/gdpr_contact_mailer_preview.rb b/spec/mailers/previews/gdpr_contact_mailer_preview.rb
index d179bc3ab..68f00f360 100644
--- a/spec/mailers/previews/gdpr_contact_mailer_preview.rb
+++ b/spec/mailers/previews/gdpr_contact_mailer_preview.rb
@@ -14,6 +14,6 @@ def params_for(contact)
   end
 
   def find_authorization_request_by(contact)
-    AuthorizationRequest.where.not("data ? '#{contact}_email'").first
+    AuthorizationRequest.where("data ? '#{contact}_email'").first
   end
 end