Password management in the IAM Adminapp

The Password Token Controller plugin is used to enable password management for administrators and the help desk in the Adminapp and the Admin REST API.

Adminapp - menu Users, tab Password


  1. To enable password management (Adminapp web UI and REST API), do the following:
  2. Go to:
    Adminapp >> Users
  3. Add the plugin Password Token Controller to the list in property Authentication Tokens.
  4. In the plugin, connect the relevant Password Settings. In the Password Settings plugin, especially note the properties in group Password Management in Admintool.
  5. Configure the other properties as required. See below for selected features and refer to the documentation in the Config Editor.
  6. Make sure the access control settings for password management are set as required: Adminapp >> Access Control >> Password Management

Trigger password reset email

With the Password Token Controller, the helpdesk user may send an email to the end-user to set a new password (or start any other public self-service). If the feature is enabled, the button Send reset email (see screenshot above) is displayed.

  1. To use the feature:
  2. Go to:
    Adminapp >> Users >> Authentication Tokens >> Password Token Controller
  3. Configure a plugin in property Password Reset Self Service and use the Flow-Based Password Reset plugin in conjunction with a corresponding public self-service flow (flow continuation concept). See the links below for more information.