This documentation is for WSO2 IoT Server 3.1.0. View the documentation for the latest release.
Resetting a User Password - IoT Server 3.1.0 - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

WSO2 IoT Server enables admin users to reset passwords of other users and for device owners to reset their own password once they have signed in to WSO2 IoT Server's device management console. This is useful to address the following scenarios:

  • Reset the password when the user or device owner forgets the password.
  • Reset the password when an account is locked due to an incorrect password entry.
  • Secure the device details by resetting the password.

If you want to learn how to change the super administrator username and password, see Changing the Super Administrator Username and Password.

Take a look at how an administrator and device owner can do the same task via the device management console:

  1. Start the WSO2 IoT Server core profile via command prompt, if you have not started it before. 

    ------Navigate to the bin directory-----
    cd <IoT_HOME>/bin
    ------For Linux/Mac OS/Solaris------ 
    ------------For Windows-------------
  2. Sign in to the Device Management console as an admin user.  

     Click here to expand...

    Follow the instructions below to sign in to the WSO2 IoT Server device management console:

    1. If you have not started the server previously, start the server.

    2. Access the device management console.

      • For access via HTTP: 

        For example: http://localhost:9763/devicemgt/
      • For access via secured HTTP: 
        For example: https://localhost:9443/devicemgt/ 
    3. Enter the username and password, and sign in.

      The system administrator will be able to log in using admin for both the username and password. However, other users will have to first register with WSO2 IoT Server before being able to log into the IoTS device management console. For more information on creating a new account, see Registering with WSO2 IoT Server.

    4. Click LOGIN. The respective device management console will change, based on the permissions assigned to the user.
      For example, the device management console for an administrator is as follows:

  3. Click View under USERS

  4. Click the  icon on the user whose password you want to reset. A password entry dialog appears.
  5. Enter the new password and click Save

    Your new password should be 5 characters or more and should not include any white spaces.

Follow the instructions given below to change your password when you are signed in to the device management console:

  1. Sign into the device management console using admin as the username and admin as the password: https://<IoT_HOST>:9443/devicemgt

    If you changed the super administrator username and password, make sure to sign in with the new credentials.

  2. Click the user icon, and click Change Password.
  3. Enter the required details and click Change.
  4. Click YES to change your password.
 Why do I get the following warning: org.wso2.carbon.server.admin.module.handler.AuthenticationHandler - Illegal access attempt while trying to authenticate APIKeyValidationService?

After changing the default user password you might run into this error. If you do run into this error, follow the steps given below:

  • Change the credentials stored in the <APIKeyManager> element of the <IOTS_HOME>/conf/api-manager.xml file of the API Gateway node/s.
  • Have you set the priority of the SAML2SSOAuthenticator handler higher than that of the BasicAuthenticator handler in the <IOTS_HOME>/conf/security/authenticators.xml file? If so, the SAML2SSOAuthenticator handler tries to manage the basic authentication requests as well. Set a lower priority to the SAML2SSOAuthenticator than theBasicAuthenticator handler as follows:

    <Authenticator name="SAML2SSOAuthenticator" disabled="true">
          <Parameter name="LoginPage">/carbon/admin/login.jsp</Parameter>
          <Parameter name="ServiceProviderID">carbonServer</Parameter>
          <Parameter name="IdentityProviderSSOServiceURL">https://localhost:9443/samlsso</Parameter>
          <Parameter name="NameIDPolicyFormat">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</Parameter>
          <Parameter name="ResponseSignatureValidationEnabled">false</Parameter>
          <Parameter name="AssertionSignatureValidationEnabled">false</Parameter>
       <!-- If this authenticator should skip any URI from authentication, specify it under "SkipAuthentication"
         </SkipAuthentication> -->
       <!-- If this authenticator should skip any URI from session validation, specify it under "SkipAuthentication
            </SkipSessionValidation> -->
  • No labels