This documentation is for WSO2 Identity Server 5.1.0. View documentation for the latest release.
Page Comparison - Creating Users using the Ask Password Option (v.9 vs v.10) - Identity Server 5.1.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Enable the Identity Listener by setting the following property to true in the <IS_HOME>/repository/conf/identity/identity.xml file.

    Code Block
    <EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener" name="org.wso2.carbon.identity.mgt.IdentityMgtEventListener" orderId="50" enable="true"/>
  2. Open the <IS_HOME>/repository/conf/identity/ file and configure the following properties.

    Code Block
    This enables notifications to be sent via email when recovering an account or verifying user creation.
    Using this configuration, you can specify a time limit for the notification to expire.
    Enable the internal email sending module. If this is "false", the email sending data would be available to applications via a Web service. Then the application can send the email using its own email sender.
    Enabling this ensures that temporary passwords are used when creating user accountsEnable this property by setting it to true. It creates a temporary password for the user account until the user sets his/her own password.
    This enables verification of account creation. When self registration is done, the user would be verified by sending email (confirmation link) to user's email account.
  3. Open the <IS_HOME>/repository/conf/axis2/axis2.xml file and uncomment the following email transportSender configurations. This must be done as notification sending is internally managed. The configurations available are just a sample, so you must provide your email details as required.

    Code Block
    <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
            <parameter name="mail.smtp.from"></parameter>
            <parameter name="mail.smtp.user">wso2demomail</parameter>
            <parameter name="mail.smtp.password">mailpassword</parameter>
            <parameter name=""></parameter>
            <parameter name="mail.smtp.port">587</parameter>
            <parameter name="mail.smtp.starttls.enable">true</parameter>
            <parameter name="mail.smtp.auth">true</parameter>
  4. Make sure the following email template is defined in the <IS_HOME>/repository/conf/email/email-admin-config.xml file.


    When modifying the email-admin-config.xml file, to separate query parameters in the account confirmation link, add "&amp"; instead of just "&" because adding an "&" will create a syntax error in XML. However if you define the email template from the management console UI, simply use "&" for separating the query parameters in the link.

    Code Block
    <configuration type="askPassword">
      <subject>WSO2 Carbon - Password Change for New Account</subject>
    Hi {first-name},
    Please change your password for the newly created account: {user-name}. Please click the link below to create the password.
    If clicking the link doesn't seem to work, you can copy and paste the link into your browser's address window.
    Best Regards,
    WSO2 Carbon Team

    The targetEpr and redirectPath configurations are values added based on the sample web application used in this topic.


    You can configure email templates for specific tenants.

    You can also define the email template using the Management Console of Identity Server as well by clicking on Configure> Email Templates under the Configure section, without modifying the email-admin-config.xml file manually.


  5. Restart the WSO2 Identity Server for the changes to take effect.
  6. Sign in to the Management Console by entering your username and password.
  7. In the Main menu, click Add under Claims. See Claim Management for more information on this.
  8. Click Add New Claim and select the dialect link in the Dialect drop down. 
  9. Enter the following values in the form that appears.
    titleAbout usage in tenants

    If you wish to have a set of claims for all tenants, you must add those claims to the <PRODUCT_HOME>/repository/conf/claim-mgt.xml file prior to the first startup and then start the server. If you do not require these claims for all tenants, then it should be added via the UI of specific tenants as instructed here.

  10. Click Add. The claim is now added into the Identity Server and you can view the details as seen below.