Configure Email Notifications for Account Locking¶

Once you have configured WSO2 Identity Server for user account locking, you can also configure the WSO2 IS to email to the user's email address when the user account is locked. To configure this, follow the steps below.

Enable the email sending configurations of the WSO2 Identity Server as explained below.

1. Navigate to the <IS_HOME>/repository/conf/deployment.toml file and uncomment the [output_adapter.email] configuration block.

   [output_adapter.email]
   from_address= "[email protected]"
   username= "[email protected]"
   password= "xxxx"
   hostname= "smtp.office365.com"
   port= 587

   Info

   • If you use a Gmail account as the email OTP sender, you must create an App Password. After you get an App Password from Google, update the password.
   • If your password contains special characters (example: <, >, &), you will run into errors when running the server. To avoid errors, update the password parameter as follows:

     password= "<![CDATA[xxxx]]>"

2. Update the sample values with your email adapter configurations.

   Info

   Refer configure email sending module for the complete list of email adapter configurations.

3. Save the configurations and restart the server.

WSO2 Identity Server uses separate email templates for notifying,

• Account locking by administrator
• Account unlocking by administrator

There are default email templates available for the above-mentioned emails. However, you can choose to modify them if necessary as well.

View email templates in the management console¶

1. Navigate to Main > Manage > Email Templates > List.

2. From the Select Email Template Type dropdown, select either AccountLockAdmin or AccountUnlockAdmin to notify the locked and unlocked user respectively.

3. You can customize the subject, body, and footer based on your requirement.

4. Click Save.