SAP IDM - Self Service Password Reset

In SAP IdM 8.0 or upper version, you can configure Logon help service or self-service password reset for end users. With login help service, end users can change their password. To configure Self-service password reset, below prechecks should be met −

  • You should have minimum one dispatcher running in landscape.

  • There should be one user account exists apart from administrator.

  • There should be an Identity Management User Interface configured.

  • There should be UME role with action “idm_anonymous” assigned Anonymous Users groups in UME.

Next step is to create password reset form for end users and to add to identity store configuration.

Follow the steps to create password reset form −

Go to SAP IdM developer studio $\rightarrow$ Navigate to package where you want to create the form for self-service password reset -> Form.

SAP IdM Developer Studio

Go to Context menu $\rightarrow$ New $\rightarrow$ Password reset. You can rename the form to PasswordReset form.

Go to Context Menu

Next is to assign Anonymous user group to allows access. For this go to “Access Control” tab of the newly created form $\rightarrow$ Select Anonymous in Allow access drop down $\rightarrow$ OK.

To save the changes, go to File $\rightarrow$ Save.

Access Control

Defining Password Reset Parameters

To use self-service password reset, you need to define password reset parameters like number of questions should prompt, minimum number of correct answers for validation, etc.

To define the parameters, go to Context menu of the Password reset form $\rightarrow$ Properties. Navigate to Parameters tab and configure the parameters as required.

Defining Password Reset Parameters