Configuring the password-reset notification and timeout

Configure the time allowed for a user to reset a password, and customize the notification that the user receives.

Before you begin

Configure an email server that can be used for mailing notifications to users. If you do not configure an email server, a link cannot be send to a user who wants to reset a password. For information on configuring the email server, see Setting up notifications.

About this task

When a user clicks Forgot Password? and provides an email address on the sign-in page, an email is generated with a link where the user can reset the password. When you deploy API Connect, the password-reset settings are configured with default values. You can optionally modify the time-out setting to set a new expiration for resets as well as the notification that is emailed to users.

Procedure

  1. In the Cloud Manager, click Settings Settings.
  2. In the Settings navigation list, click Onboarding.
  3. Configure the password reset timeout:
    1. In the Settings navigation list, click Onboarding.
    2. Click Edit next to Reset Password Time to Live.
    3. To specify a timeout value, select or type an integer value in the Number field and then choose a unit of time (Seconds, Minutes, or Hours) in the Unit field.
    4. Click Save.
  4. Customize the notification template for password resets:
    1. In the Settings navigation list, click Notifications.
    2. In the Notifications Templates list, select the appropriate version of the "password-reset" template by clicking the name.

      You can create different versions of the template for different user roles.

    3. Customize the template as explained in Customizing email notification templates.
    4. Click Save.

Results

Password reset notifications contain a link, which expires after the specified the timeout. If the user does not reset the password before the link expires, they can request a new link.