It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Disable / block ForgotUserDetails.jspa


Is there any possibilities to disable ForgotUserDetails.jspa? So users can't use this link and can't do any get request or reset their password. 


Best wishes

Magnus Tamm


1 answer

1 accepted

0 votes
Answer accepted
Daniel_Wong Community Leader Sep 16, 2019

Hi Magnus,

If you have user management done outside Jira (ie Crowd / Active Directory / LDAP) then you can turn on 'External User Management' in Jira's 'General Configuration' settings. This will disable the Forgot your password link on the login page.

KB for configuring Jira General Configuration options -

Alternatively, if your Jira instance sits behind a reverse proxy, you can block the /secure/ForgotLogindetails.jspa page directly at the reverse proxy level.

If you don't have a reverse proxy, you can try blocking it directly at Tomcat level. You can follow this KB to test this out -

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you