Resending Account Recovery Confirmation Mails

WSO2 IS sends Account recovery confirmation mails for the following scenarios:

• User creation through ask password option
• Notification-based password recovery
• Admin-initiated password reset through an email link
• Admin-initiated password reset via OTP
• Self-registration

But if the user didn’t get the recovery mail for some reason or confirmation code expired, then account recovery confirmation emails need to be resent. Resending account recovery confirmation mails.

This feature available in 5.3.0 wum update, 5.7.0 wum update and in the latest IS versions.

To configure this feature, first we need to configure email templates via the management console.

1. Configure Email Templates

Refer this document for Resending Account Recovery Confirmation Emails

2. Resend code API

In IS 5.3.0, Use the following API

POST https://apis.is.com/t/{tenant-domain}/api/identity/user/v0.9/resend-code

In 5.7.0, Use the following API

POST https://apis.is.com/t/{tenant-domain}/api/identity/user/v1.0/resend-code

This API is used to resend the confirmation code if it is missing.

WSO2 Identity Server 5resending the confirmations via email for the ASK_PASSWORD, NOTIFICATION_BASED_PW_RECOVERY, ADMIN_FORCED_PASSWORD_RESET_VIA_EMAIL_LINK, ADMIN_FORCED_PASSWORD_RESET_VIA_OTP, and SELF_SIGN_UP recovery scenarios.

If there are no values defined for the properties attribute in the request, this API will resend the confirmation code to the user self-registration process by default.

3. Try out feature for Ask Password flow.

Create a user via Ask Password flow.

• Before begin, use this document to configure IS 5.3.0 for ask password flow.
• Go to management console.
• On the Main tab in the Management Console , click Add under Users and Roles.
• Click on Add User and give username and Email Address.

• Once the user gets created, a confirmation mail will be sent to the users’ email address.

Try Resend Confirmation Email API for Ask Password flow.

• Try resend confirmation email flow for Ask Password in IS 5.3.0, use the following sample request (when the user created in super tenant).

curl -k -X POST -H “Authorization: Basic YWRtaW46YWRtaW4=” -H “Content-Type: application/json” -d ‘{“user”:{“username”: “askpass”,”realm”: “PRIMARY”},”properties”: [{“key”:”RecoveryScenario”,”value”:”ASK_PASSWORD”}]}’ “https://localhost:9443/api/identity/user/v0.9/resend-code"

• Now a resend Confirmation email will be sent the user’s email address.

If it is a user in the tenant domain,

curl -k -X POST -H “Authorization: Basic YWRtaW46YWRtaW4=” -H “Content-Type: application/json” -d ‘{“user”:{“username”: “user1”,”realm”: “userdb”},”properties”: [{“key”:”RecoveryScenario”,”value”:”ASK_PASSWORD”}]}’ “https://localhost:9443/t/abc.com/api/identity/user/v0.9/resend-code"

The username should not contain a tenant domain. It will be picked from the URL.