Skip to main content

Account Recovery

In this walkthrough, John has forgotten his Wayfinder password. He selects Forgot password? on the sign-in screen, receives a recovery email, opens the link, and sets a new password. ThunderID runs the recovery flow end-to-end and returns him to Wayfinder ready to sign in with the new credentials.

Prerequisites

Complete Set Up Your Environment before starting this walkthrough.

Background

Add Account Recovery covers the requirements story behind this use case.

Set Up Account Recovery

  1. Recovery emails are delivered through a SMTP server. Configure a SMTP provider and apply the configuration in repository/conf/deployment.yaml.

    Sample SMTP Configuration:

    email:
      smtp:
        host: "<smtp-host>"
        port: <smtp-port>
        username: "<smtp-username>"
        password: "<smtp-password>"
        from_address: "<from-address>"
        enable_start_tls: true
        enable_authentication: true

  2. Restart ThunderID for the changes to take effect.

Pick Your Pattern

Redirect-based

In the redirect-based pattern, the consumer app sends the user to ThunderID for the entire recovery experience. The Wayfinder web frontend is configured exactly this way: the Sign in button triggers an OIDC redirect to ThunderID. From there, the user picks Forgot password?, completes the recovery flow, and returns to Wayfinder to sign in with the new password.

Try the Use Case

  1. Open http://localhost:5173 and select Sign in. The browser navigates to ThunderID.
  2. On the ThunderID sign-in page, select Forgot password?.
  3. Enter john.doe as the username and submit. ThunderID runs the recovery flow and sends a recovery email to john.doe@example.com.
  4. Open the email in John's inbox and open the link inside.
  5. ThunderID renders a Set new password screen. Enter a new password and submit.
  6. ThunderID shows a confirmation and returns John to Wayfinder. Select Sign in again and sign in with the new password.
App-native step-by-step

Coming soon. See the App-native pattern for what to expect.

App-native managed

Coming soon. See the App-native pattern for what to expect.

Going Deeper

  • Want to understand the steps the recovery flow takes? See Flows in the Identity Concepts.
  • Prefer to build the recovery flow manually? See Build the Account Recovery Flow in Configure It Yourself.
ThunderID LogoThunderID Logo

Product

DocsAPIsSDKs

Community

ContributingDiscussionsReport an Issue

Resources

ReleasesGitHub
© WSO2 LLC. All rights reserved.Privacy PolicyCookie Policy