Skip to content

Configure password recovery

Asgardeo provides support for self-service password recovery from the login page. Once initiated, the user will receive a password reset link via email. This guide walks you through setting up password recovery for users to facilitate resetting lost or forgotten passwords.

To configure password recovery:

  1. On the Asgardeo Console, go to Login & Registration > Account Recovery > Password Recovery.

  2. Select one or both of the following recovery options:

    • Email Link
    • SMS OTP

    Password Recovery Configuration

  3. Configure the settings for the selected option/s.

    Email Link

    Notify on successful recovery Specifies whether to notify the user via an email when password recovery is successful.
    Recovery link expiry time Specifies password recovery link expiry time in minutes. If you enter 60 min, the password recovery email notification will expire after 60 min.

    SMS OTP

    Password recovery OTP expiry time Specifies the duration (in minutes) after which the OTP code sent through SMS will expire.

  4. Configure character constraints for OTP code generation:

    Include upper case letters If nothing else is selected, the code will have only upper case letters or else a combination of upper case letters and any other selected character types.
    Include lower case letters If nothing else is selected, the code will have only lower case letters or else a combination of lower case letters and any other selected character types.
    Include numeric characters If nothing else is selected, the code will have only digits or else a combination of digits and any other selected character types.
    Password recovery OTP code length Specify the length of the code

  5. Configure limitations for recovery attempts:

    Max failed attempts count Maximum number of times a user may enter an incorrect OTP.
    Maximum resend attempts count Maximum number of times a user may request to resend the OTP.

  6. Click Update to save your changes.