By default, the  provides controls for administrators to reset passwords for themselves and for other users. 

Optionally,  customers can enable users to reset their passwords via email, which provides an extra measure of validation and security.

Pre-requisites

  1. Your enterprise must have an accessible SMTP email server that the  can use to send emails.
  2. You should create a dedicated email account for issuing the password resets. The username and password for this account must be stored in platform configuration. 

Configuration

Steps:

  1. Edit the following settings:

    "webapp.enableSelfServicePasswordReset": true,
    "webapp.passwordResetExpiryInMinutes": 1440,
    "webapp.passwordResetSender": "<SENDER_EMAIL_ADDRESS>",


    SettingDescription
    enableSelfServicePasswordResetSet this value to true to enable this feature.
    emailTokenExpiryInMinutes

    Set the expiration time for the password reset email. Users must click through to reset their password before this time limit expires.

    The default value is 1440, which is 24 hours.

    passwordResetSender

    Enter an email account to use as the displayed sender of these emails.

    Tip: You should enter a value here to mask the real user account that is specified for the SMTP server connection.



  2. Save your changes and restart the platform.

Validate

  1. Visit the login page for your . See Login.
  2. Click the Forgot password? link.
  3. Reset your password.
  4. When the email arrives, click the link to complete the password reset.