How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I stop IDM (All versions) prompting users for their current password during password reset?

Last updated Feb 24, 2021

The purpose of this article is to provide information on configuring IDM to not prompt users for their current password when they reset it using the user password reset feature. You will need to use this configuration in situations where the user will not know their password; for example, if they log in with a social provider or if you have just imported new users into IDM.

Configuring IDM

You can configure IDM so that users are not prompted for their current password by setting the password isProtected property to false in the managed.json file (located in the /path/to/idm/conf directory). For example:

"password" : { "title" : "Password", "description" : "Password", "type" : "string", ... "isProtected": false, "usageDescription" : "", "isPersonal" : false,

Setting the isProtected property to false means users won't be asked to reauthenticate (enter their current password) when they reset their password.

See Also

How do I initiate the password reset functionality in IDM 5.x and OpenIDM 4.x via the REST API?

Link in Password Reset and User Registration emails does not work in Microsoft Outlook with IDM 5.x, 6 - and 6.5.0

Self-Service Reference › Password Reset

Self-Service Reference › Password Reset

Object Modeling Guide › Create and Modify Object Types

Related Training


Related Issue Tracker IDs

OPENIDM-11536 (Cannot set user password for user created through full-stack social registration)

OPENIDM-6325 (Users which have no password should not be prompted to enter their current password)

Copyright and TrademarksCopyright © 2021 ForgeRock, all rights reserved.