Password Reset#
Overview#
The Gluu Server includes a basic feature to enable users to perform self-service password resets. This feature only works for passwords stored in the Gluu Server, i.e. if passwords are stored in a backend system, this feature will not work.
In order to use this feature, follow these steps:
- Complete SMTP Server configuration
- Enable password reset in oxTrust
- Test
Attention
For production deployments, we recommend writing a custom "Forgot Password" page that leverages Gluu's SCIM APIs. Follow our tutorial here.
Prerequisites#
The following are requirements to use this feature:
- An active Gluu Server instance with oxTrust accessible via the web
- A working SMTP Server
Provide the SMTP Server Configuration#
The Gluu Server requires an SMTP server to be able to send password reset emails to the user's mailbox. A suitable UI is provided to gather the SMTP server configuation on Gluu OxTrust AdminUI.
-
Log into the Gluu Server as a user with admin privileges
-
Navigate to
Configuration
>Organization Configuration
-
Select the
SMTP Server Configuration
tab -
Fill the form with correct values according to your SMTP Server settings
-
Click the
Test Configuration
button to ensure the SMTP server is working: If the configuration is correct, then you will see a successful message like this: -
Click the
Update
button to save changes
Enable Password Reset on OxTrust#
-
Navigate to
Configuration
>Organization Configuration
-
Select the
System Configuration
tab -
Enable
Self-Service Password Reset
-
Click the
Update
button to save changes
Test#
-
Create a test user in the Gluu Server
-
Go to the Gluu Server login page
-
Click the
Forgot your Password?
link -
Fill the form with the user email and click the
Send Mail
button -
You'll get the following result:
-
Check the user's mailbox