Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

As an admin, how do I reset a user's password in Cloud?

I'm the admin of an on-prem install that we're in the process of moving to cloud. I'm having a major issue dealing with user accounts. First, there doesn't seem to be a way for me to manually create a user account, including providing the initial password - there's only Invite Users. Even if I choose to not send an email notification, it still doesn't give me the usual form (from on-prem) that allows me to set their password.

Second, once a user is created, I can't seem to find a way as an admin to reset their password. I'm looking at the User page now, and there's a reset password  button, but all it does is send an email to the user.

This is a major problem, because we have some users that aren't actually people - they're accounts that are required for various third-party systems to connect to Jira, and the email addresses associated with them are not real. 

So how can I reset the password of a user without needing access to their email?

2 answers

1 accepted

1 vote
Answer accepted
Daniel Eads Atlassian Team Nov 19, 2018

Hey Esther,

Any Cloud integrations you're looking to install should use the Atlassian Connect framework. On the backend this uses OAuth to handle authentication and username/passwords shouldn't be given to the external applications. If you're finding someplace where this isn't the case, please let us know!

In the case where you might have a script or something that wants to run as a particular user, you can use tokens instead of a dummy account with a shared password. Check out our documentation about using tokens. A major benefit of this is that you can issue multiple tokens per user and just revoke any tokens that may have been compromised instead of having to reset the password (which maybe was shared with multiple applications). These are specifically for the REST API and will show as run by whatever user created the tokens.

Coming from a Server-administration world, I can definitely see where you'd have multiple dummy accounts. My recommendation for trying to get these working with Cloud is:

  1. Check the marketplace for any Cloud-specific integrations with your other products. These will use Atlassian Connect and avoid any app-as-a-dummy-user situations.
  2. Create an email account to handle notifications from any on-prem services you have that can't use Atlassian Connect. I'd recommend this to be something like jira-integrations@yourcompany.com
  3. Create a Cloud user called something like jira-bots using the email address you just set up
  4. If you've verified your domain, you (and your fellow site administrators) can switch to the jira-bots user. Otherwise, you will need to set up a password for the account and log in using the password
  5. From id.atlassian.com, create API tokens for each of the on-prem services you need to connect to Jira/Confluence Cloud.
  6. On the "other system" side of things that formerly needed a username/password, replace the username with your Cloud bot account and the password with the application-specific API token you generated. The API tokens will transparently work like a password for anything that's connecting to the Cloud API.

There are a few small differences between the Cloud and Server APIs, so not everything that works connecting to a Jira Server instance will work by just changing the address to your Jira Cloud instance. But for the most part, this will get things rolling!

Cheers,
Daniel

Thanks, @Daniel Eads. The link you posted to documentation about using tokens keeps throwing a "something went wrong" error. Is there an updated link?

Daniel Eads Atlassian Team Dec 10, 2018

Interesting, I'm not having trouble loading it. Maybe try through Google's cache: http://webcache.googleusercontent.com/search?q=cache:https://confluence.atlassian.com/cloud/api-tokens-938839638.html ?

Hi @Esther Strom,

The short answer is you don't. With the Cloud version the user sets the password when they activate their account through the link you send in the invite. There is a "Password Reset" button available to the site-admin, that also sends an email with instructions for the user. 

-Scott

Yes, I'm aware of the Password Reset button that sends an email. But as I said in my original message, our system users aren't real people, and don't have real email addresses. Therefore the password reset email is of no use to me.

So basically what I'm hearing is that Cloud will not allow me to add system users unless they're attached to a real email address that I have access to. Seems pretty shortsighted; there are a lot of third-party apps that require a Jira account to allow connections.

You should not have accounts with invalid email addresses.  You'll need to set them to have proper email accounts, or they are useless to you.

Like Shannon likes this

My team has real email addresses, but they never receive the reset password email (they've checked Junk/Spam as well)

Is there any other way to reset passwords?

Like # people like this

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira

Admins, notify your Jira instance of system-wide changes with the new admin announcement banner

Hi All! We’re excited to share the launch of an announcement banner that lets Jira site administrators communicate directly to their users across their  Jira Cloud instance.  ...

549 views 15 18
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you