This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


titleConfiguring WSO2 IS for automatic account unlock

The WSO2 Identity Server can be configured to automatically unlock a user account after a certain period of time. A user account locked by failed login attempts can be unlocked by setting a lock timeout period. 

Configure the Authentication.Policy.Account.Lock.Time property in the  <IS_HOME>/repository/conf/identity/ file. As mentioned in the above table, the value refers to the number of minutes that the account is locked for, after which, authentication can be attempted again. 

Code Block

If the lock time is set to 0, the account has to be unlocked by an admin user. For more information about on this, see Account locking for a particular usersee Locking a Specific User Account.

Configuring sending emails for Account Locking by Failed Login Attempts