Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Can't reset password on self-hosted portal

See original GitHub issue


Bug description

When self-hosting the portal a user is unable to reset their password. The link that gets sent in the email works perfectly well for the managed version of the portal, but not for the self-hosted version.

The developer tools in Chrome show that a request to the management api fails with a 401 Unauthorized error.

Reproduction steps

  1. Go to the homepage
  2. Click on ‘Sign In’
  3. Click on ‘Forgot your password?’
  4. Fill in and Click ‘Request reset’
  5. Open link in email
  6. An error message is displayed ‘Activate user error: You’re not authorized.’ above the form.
  7. Fill in the form with a new password
  8. Click ‘Reset’ button
  9. A different error message is displayed ‘Server error. Unable to send request. Please try again later.’

Expected behavior

The process for resetting a password when using a self-hosted version of the portal is identical to the process in the managed version of the portal.

Is your portal managed or self-hosted?


Release tag or commit SHA (if using self-hosted version)

commit #578, [43441ba9b2abcc952cfbaa479798d23e79dff25f]


  • Operating system: [Azure Blob Storage]
  • Browser: [Google Chrome]
  • Version: [latest]

Additional context

The email template is configured to generate the link as:




I think the bug has been introduced in commit #516 which tried to resolve issue #460.

In particular the first error message is thrown on line 86 in confirm-password.ts. The error message is thrown when the application calls usersService.activateUser(queryParams);

There are several issues with having this functionality in the initialize() method, because the same code tries to handle different cases:

  1. Confirm a user
  2. Reset a user’s password

The query parameters are not the same, meaning if the usersService.activateUser was executed successfully the identity will be set to ‘null’ rendering the user unable to login even if they reset their password. (The identity in this case is the user’s login name)

public async activateUser(parameters: URLSearchParams): Promise<void> { const userId = parameters.get(“userid”); const ticket = parameters.get(“ticket”); const ticketId = parameters.get(“ticketid”); const identity = parameters.get(“identity”); const requestUrl = /users/${userId}/identities/Basic/${identity}; const token = Ticket id="${ticketId}",ticket="${ticket}";

    await this.mapiClient.put<void>(requestUrl, [{ name: "Authorization", value: token }], {});

The $ConfirmQuery available in the Notification templates in Azure only provides the first three parameters. My guess is that this method should not be called when the user is just trying to reset their password.

The second error message is thrown on line 129 in the confirm-password.ts file. My guess is there is problem with the usersService.updatePassword method. It passes a null object as a header and it makes sense the management API would refuse to accept the request.

public async updatePassword(userId: string, newPassword: string): Promise<void> { await this.mapiClient.patch(userId, undefined, { password: newPassword }); }

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:2
  • Comments:10

github_iconTop GitHub Comments

guidevelopercommented, May 1, 2020

UPDATE I have found a fix for the reset password not working…

In confirm-password.ts pass in the query parameters to the updatePassword method const queryParams = new URLSearchParams(; await this.usersService.updatePassword(this.userId, queryParams, this.password());

Then in usersService.updatePassword ad them as headers public async updatePassword(userId: string, parameters: URLSearchParams, newPassword: string): Promise<void> { const ticket = parameters.get("ticket"); const ticketId = parameters.get("ticketid"); const token = Ticket id=“${ticketId}”,ticket=“${ticket}”; await this.mapiClient.patch(users/${userId}, [{ name: "Authorization", value: token }], { password: newPassword }); }

giovannaalvescommented, May 13, 2020

I had to remove this code from the confirm-password because on load the page, an account confirmation request was being done and a error message was being displayed:

(I use this url for confirm user account: “signup?$ConfirmQuery”)

 try {            
            await this.usersService.activateUser(queryParams);
            this.userId = await this.usersService.getCurrentUserId();

            if (!this.userId) {
                throw new Error("User not found.");
        } catch (error) {
            const validationReport: ValidationReport = {
                source: "confirmpassword",
                errors: ["Erro na ativação do usuário: " + error.message]
            this.eventManager.dispatchEvent("onValidationErrors", validationReport);

And I needed to add this on my usersService.updatePassword, because its was coming null :

userId = userId || parameters.get("userid");

Now, its works for me. Thanks @guideveloper!

Read more comments on GitHub >

github_iconTop Results From Across the Web

Troubleshoot self-service password reset - Azure
Learn how to troubleshoot common problems and resolution steps for self-service password reset in Azure Active Directory.
Read more >
Unable to log into self-hosted retool instance
I requested a reset password, and it says there is no user with my email address, which is weird because I have definitely...
Read more >
How can I reclaim access to self-hosted applications ...
Now, once this is done, go back to your Appsmith Login UI, and now SIGNUP with this email address, and the password that...
Read more >
Manage account settings - Okta Documentation
In the Security Methods section, click Reset next to Password. You're redirected to a third-party page where you can reset your password. Reset...
Read more >
I Can't Login - Sentry Support
If you are unable to login because you need to reset your 2FA, please reach out to your organization owner and they can...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found