Password Reset¶

The Password Reset feature is available for sites using the Local User authentication provider. Administrators can configure this feature to provide users the option to reset their password upon logging into Vinyl. This feature is not enabled by default. Using this feature assumes that you have configured SMTP mail server settings in Vinyl, as that is required in order to send out mail notifications related to this feature. When configured properly, the Forgot password? link will appear on the Vinyl login screen.

The expected workflow of the Password Reset feature is:

1. A user who needs to reset their Password clicks the Forgot Password link from the Vinyl login screen
2. The user enters their Vinyl account Email Address and clicks the Request Password Reset button
3. The user goes to check their Email, which should contain a Password Request email with a time sensitive reset password link
4. The user clicks on the Reset Password button embedded in the Email link, which launches a web browser and loads the Reset Password page
5. The user provides a new password
6. After the Password is reset, an email will be sent to the user to notify them of this action
7. The user can now sign into Vinyl with the new Password

To Enable Password Reset¶

In order to use the Password Reset feature, there are three main tasks involved:

1. Create a Security Group for Anonymous Users
2. Configure the Notification Endpoint (SMTP Mail Server Settings)
3. Configure the Web Site URL

Create a Security Group for Anonymous Users¶

An Administrator needs to grant the Anonymous Users group access to the Vinyl - Password Reset application and make them a member of the Password Reset role.

1. Navigate to the IDE
2. Click on User Management
3. Select Groups, click the + Group button, and provide the Name Anonymous
4. Click on the Manage Privileges button, and then click the Create button
5. Select Application as the Type value, and then select Vinyl - Password Reset as the Application value
6. Click on the Save button, and close out of the Privilege window
7. Under the Roles panel, click on the Grant button that appears next to the Password Reset role
8. Click the back button to return to the Groups page
9. In the Groups panel, select the Anonymous Users group
10. In the Membership panel, click the + Membership button
11. Select Anonymous Users from the list options, and then click on the Save icon

Configure the Notification Endpoint (SMTP Mail Server Settings)¶

1. Navigate to the IDE
2. Cick the Notification Servers button
3. In the Notification Endpoints panel, expand the SMTP option
4. Edit the URI field so that it contains a valid SMTP Endpoint. URI should be smtp://<hostname> or smtps://<hostname>
5. Edit the Default From Address field so that it contains a valid email account address to be used by the notification emails sent through Password Reset
6. Click outside of a field to save

Configure the Web Site URL¶

1. Navigate to the IDE
2. Click on the Security Providers button
3. From the Configuration panel, click on More > Sites and either create or edit the existing URL
4. Enter the appropriate Web Site URL value for the Vinyl app you are configuring Password Reset for. For example: http://example.com/
5. Click on the Save button

Optional Password Reset Customization Options¶

The Password Reset feature has a few areas related to the messages and email templates you can customize, if desired. For example, you may wish to change the text that the notification emails send out through this feature. Customization options for this feature are available under Vinyl IDE → Secure your Application → Local User → Password Reset. The customizable options (with the exception of the Length token value, which is not customizable) are as follows:

Troubleshooting¶

If you run into issues using the Password Reset feature, please see the Troubleshooting section in the Configuring SMTP article.