Temporary password in User Activation email?

Hi everyone,

Is it possible to insert the temporary password in to the User Activation email as a variable?

We want to implement the temporary password journey instead of directing users to the Okta console to set their password, however we are unable to access the temporary password in the User Activation email to inform the new user.

Alternatively, are there other solutions you know of that can deliver this same outcome?

Thanks,

Hi @m4ttmelbourne

Okta does not have an out of the box implementation for a temporary password inside the activation email.

The best solution to achieve the use-case is to create the user with a specific password and then expire the password.

Once the user authenticates the first time with the password set during creation, he will be prompted to change the password.

Hi @dragos
Thanks for replying.

Are you suggesting that we create the new user with a specific password is that hard coded, so we can write it into the new user activation email template? I.e. if we were to create 2x new users, both would be initially created with the same temporary password.

If yes, is that secure?
If not, how do we communicate it to the new user so that they can authenticate and specify their own password?

Thanks

Hi @m4ttmelbourne

You can base the initial password on details from the user’s profile, for example first name or last name. You can leverage the Okta expression language inside the email in order to have the password displayed properly for the user.

For example the following expression

tops3cr3t${f:substring(user.firstName,0,1)}p@ssw0rd${f:substring(user.lastName,0,1)}2019

will create a password based of:

  • the string “tops3cr3t”
  • the first letter of the user’s first name
  • the string “p@ssw0rd”
  • the last latter of the user’s last name
  • the string “2019”

Here is how it would look like as an email

1 Like

Hi @dragos

Thanks for the detail! This all makes sense.