Skip to content

Enabling Notifications for User Operations

The primary objective of this is to send a notification to an external endpoint once a user operation has taken place. For example, you want to send an email to an email address once a new user is created or the password of an existing user is changed. This can be achieved by enabling notifications for user operations.

The configuration differs based on the type of notifications you want to send to the external endpoint. The following instructions provide information on how to send an email when a user operation takes place.

  1. Enable axis2 email transport sender by addig your SMTP provider values to deployment.toml as the following example.

    • mail.smtp.from - The mail address from where you want to send the notification. It can be any working mail address.

    • mail.smtp.user - User name of the the mail you have provide in mail.smtp.from.

    • mail.smtp.password - Password of the mail you have provided in mail.smtp.from.

    • - The SMTP server to connect to.

    • mail.smtp.port - The SMTP server port to connect to, if the connect() method does not explicitly specify one. Defaults to 25.

    • mail.smtp.starttls.enable - If true, enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection before issuing any login commands. Note that an appropriate trust store must configured so that the client will trust the server's certificate. Defaults to false.

    • mail.smtp.auth - If true, attempt to authenticate the user using the AUTH command. Defaults to false.

    For information about the SMTP, see here .

    from_address = ""
    username = "wso2demomail"
    password = "mailpassword"
    hostname = ""
    port = "587"
    enable_start_tls = true
    enable_authentication = true


    If you are using a Google mail account, note that Google has restricted third-party apps and less secure apps from sending emails by default. Therefore, you need to configure your account to disable this restriction, as WSO2 Identity Server acts as a third-party application when sending emails to confirm user registrations or notification for password reset WSO2 Identity Server.

    Follow the steps given below to enable your Google mail account to provide access to third-party applications.

    1. Navigate to
    2. Click Signing in to Google on the left menu and make sure that the 2-step Verification is disabled or off.
    3. Click Connected apps and sites on the left menu and enable Allow less secure apps.
  2. Configure the <IS_HOME>/repository/conf/identity/ file with the desired destination configurations and template configurations. The following is a sample configuration for sending an email to an email address on user operation event.

    For example user operations can be account recovery, account locking/disabling, ask password.
    email.subscription.userOperation.template=/home/user/Desktop/johnsmith (If you are using windows machine the path would be C:\Users\Administrator\Desktop\johnsmith)
    email.subscription.userOperation.subject=User operation change information
    email.subscription.userOperation.endpoint.privateMail.salutation=Admin private mail
    email.subscription.userOperation.endpoint.privateMail.subject=User operation change information to private mail

    Property Description By defining this property, you can register the email sending module in the Notification-Mgt framework, so that the email sending module acts as a listener.
    email.subscription.1 The first subscription by the email module is ' userOperation '. When a user operation happens, an event is triggered from the system. From this configuration you can make the email module to subscribe for that particular event and send an email on events. You can define this subscription name as userOperation (you must use this since this is the name of the event that is published by the publishing party) and from this point onwards you will be using email.subscription.userOperation as the prefix for properties relevant to this subscription.

    This is the template for the email. You can configure your template such that it has placeholders. These placeholders are replaced with dynamic values that are coming from the event or you can define values for these placeholders using your configurations.

    The following is a sample email template with placeholders.

    Hi {username}

    This is a test mail to your private mail. The operation occurred was: {operation}.

    The following are the dynamic data used in the user operation event.

    - operation: The type of user operation that took place.
    - username: The username of the user that is subject to the information change.


    This property can be used to replace a placeholder in the email template. In this particular scenario, this property has no value or usage since there is no place holder for this. Supposing you had a template like the following, this value replaces the placeholder of {salutation}.

    Hi {salutation}

    This is a test mail to your private mail. The operation occurred was: {operation}

    email.subscription.userOperation.subject This is a module specific property and is specific to the email module. You can define the subject of the mail using this property. Now you are done with subscription level configurations and progressing towards defining endpoint information.
    email.subscription.userOperation.endpoint.1 This is the first endpoint definition for the userOperation event subscription. From this point onwards, you are defining properties that are relevant to this endpoint. You defined the name of the first endpoint as privateMail . From this point onwards you must use email.subscription.userOperation.endpoint.privateMail as the prefix for properties relevant to this endpoint.
    email.subscription.userOperation.endpoint.privateMail.address This is an endpoint configuration that is used to define the email address.

    This is an endpoint level configuration and the same as the property “ email.subscription.userOperation.salutation=Admin ”.

    This property can be used to replace a placeholder in email template. In the scenario mentioned in this topic, this property has no value or usage since there is no placeholder for this. Suppose we had a template like following, this value replaces the placeholder of {salutation}.

    Hi {salutation}

    This is a test mail to your private mail. The operation occurred was: {operation}

    email.subscription.userOperation.endpoint.privateMail.subject This is an endpoint level configuration to define the subject of the email. Notice that it is possible to define the subject of the email using email.subscription.userOperation.subject=User operation change information as mentioned earlier. However, since this is a more specific level property (this is an endpoint level property and not an event level property) this overrides the previous property.