Email templates¶
WSO2 Identity Server organizations use several email templates to send email notifications to users.
Note
- You can customize all available email templates to match your organization's preferences using the Email Templates API.
- You can also use the Console to change some of the most frequently used email templates in WSO2 Identity Server. Learn how to customize email content from the Console.
Email templates in WSO2 Identity Server¶
The following is a comprehensive list of email templates that are available in WSO2 Identity Server.
Note
Some of the email templates below should contain URLs to redirect the user for certain actions. Learn how to generate these URLs in the URLs in email templates section.
| Template ID | Description |
|---|---|
| LiteUserEmailConfirmation ResendLiteUserEmailConfirmation |
These emails are generated when you create an account in WSO2 Identity Server. |
| EmailConfirm AccountConfirmation ResendAccountConfirmation |
These emails are sent when a user creates an account in your WSO2 Identity Server organization. The email will prompt the user to confirm their account/email |
| VerifyEmailOnUpdate | This email is generated when the user changes the email associated with the account. |
| AccountIdRecovery | This email is generated when a user requests an account ID recovery. |
| PasswordReset resendPasswordReset AdminForcedPasswordReset resendAdminForcedPasswordReset |
These emails involve password resets. Depending on whether the user or the administrator initiates the password reset, separate emails are generated. |
| initiateRecovery | This email is generated when a user initiates a password reset using security questions. |
| passwordResetSuccess | This email is generated when a user successfully resets the password. |
| AdminForcedPasswordResetWithOTP resendAdminForcedPasswordResetWithOTP |
These emails are generated when a user initiates password reset using OTP. The email template can display the OTP using the {{ confirmation-code }} literal. |
| TemporaryPassword | This email is generated when a user is offered a temporary password by the administrator. The email template can display the temporary using the {{ temporary-password }} literal. |
| AccountLockAdmin AccountUnlockAdmin AccountEnable AccountDisable |
These emails are generated when a user account is enabled or disabled. |
| AccountLockFailedAttempt | This email is generated when a user account gets locked due to a specified number of failed login attempts. The email template can display the lock duration using the {{ lock-duration }} literal. |
| AccountUnlockTimeBased | This email is generated when a user account is unlocked automatically once the lock duration exceeds. |
| UnseenDeviceLogin | This email is generated when the logs in to using an unrecognized device. The email template can display the time of login using the {{ login-time }} literal. |
| idleAccountReminder | This email is generated when there is no activity in the user account for a specified amount of time. |
| TOTP | This email is generated when the user is given a TOTP to log in. The email template can display the token using the {{ token }} literal |
| OneTimePassword | This email is generated when a user is given a new password to log in. The email template can display the password using the {{ otp-password }} literal |
| EmailOTP ResendEmailOTP |
These emails are generated when a user is given a one-time password to sign in to an application. The email templates can display the password using the {{ OTPCode }} literal. |
| magicLink | This email is generated when a user logs in with a magic link. The application name and the expiry time of the link can be accessed by the literals {{ application-name }}, and {{ expiry-time }} respectively. |
| AskPassword resendAskPassword |
These emails are generated when a user is asked to create a password for the newly created account. |
| selfSignUpNotify selfSignUpSuccess |
These emails are generated when a user uses self sign-up to register in your organization. |
URLs in email templates¶
Some email templates in WSO2 Identity Server should contain URLs which users can click to complete an action. Explained below are those URLs and in which email templates these URLs should contain.
-
URL to confirm a user account
{{ account.recovery.endpoint-url }}/confirmliteuserregistration.do?confirmation={{ confirmation-code }}&callback=https://{{ server.placeholder.websiteHostName }}/early-accessThis URL is used in the
LiteUserEmailConfirmationandResendLiteUserEmailConfirmationtemplates. -
URL to confirm an email address
This URL is used in the{{ account.recovery.endpoint-url }}/confirmregistration.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}EmailConfirmtemplate. -
URL to confirm a user account
This URL is used in the{{ account.recovery.endpoint-url }}/confirmregistration.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}&spId={{ spId }}AccountConfirmationandResendAccountConfirmation. -
URL to verify an updated email address.
This URL is used in the{{ account.recovery.endpoint-url }}/confirmregistration.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}VerifyEmailOnUpdatetemplate. -
URL to reset a password
{{ account.recovery.endpoint-url }}/confirmrecovery.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}&callback={{ callback }}&spId={{ spId }}&type=resetThis URL is used in the
PasswordResetandresendPasswordResettemplates. -
URL to reset a password (admin forced)
{{ account.recovery.endpoint-url }}/confirmrecovery.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}&type=resetThis URL is used in the
AdminForcedPasswordResetandresendAdminForcedPasswordResettemplates. -
URL to generate a password for a newly created account
{{ account.recovery.endpoint-url }}/confirmrecovery.do?confirmation={{ confirmation-code }}&userstoredomain={{ userstore-domain }}&username={{ url:user-name }}&type=inviteThis URL is used in the
AskPasswordandresendAskPasswordtemplates. -
URL generate magic links
{{ carbon.product-url }}/commonauth?mlt={{ ma\Token }}This URL is used in the
magicLinktemplate. -
URL to prompt the user to access My Account after a user self signs up.
{{ authentication.endpoint-url }}?client_id=MY_ACCOUNT&t={{ tenant-domain }}&relyingParty=MY_ACCOUNT&type=oidc&sp=My+Account&isSaaSApp=true&authenticators=BasicAuthenticator:LOCALThis URL is used in the
selfSignUpNotifyandselfSignUpSuccesstemplates.
Note
Be sure to use proper HTML URL encoding when including above URLs in email templates.
Literals in email templates¶
Email templates use literals to display dynamic information on email templates. The following are the template literals that are accessible for all email templates in WSO2 Identity Server.
General literals¶
The following literals about the user are accessible for all email templates.
| Literal | Description |
|---|---|
| {{ user-name }} | Name of the user account. |
| {{ user.claim.givenname }} | Given name of the user. |
| {{ userstore-domain }} | Name of the user store. |
| {{ tenant-domain }} | Name of the organization. |
Branding literals¶
You can use the following literals and customize email templates to fit the branding of your organization.
You can configure the values of these literals from the WSO2 Identity Server Console. Refer to the branding documentation to learn more.
| Literal | Descriprion |
|---|---|
| {{ organization.logo.img }} | Organization logo |
| {{ organization.logo.altText }} | Logo alternative text |
| {{ organization.copyright.text }} | Copyright text |
| {{ organization.support.mail }} | Support email |
| {{ organization.color.primary }} | Primary color |
| {{ organization.color.background }} | Email background color |
| {{ organization.font }} | Email font |
| {{ organization.font.color }} | Email body font color |
| {{ organization.button.font.color }} | Email button font color |