matrix-docker-ansible-deploy/docs/updating-users-passwords.md

# Updating users passwords

## Option 1 (if you are using the integrated Postgres database):

You can reset a user's password via the Ansible playbook (make sure to edit the `<your-username>` and `<your-password>` part below):

```
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=<your-username> password=<your-password>' --tags=update-user-password
```

**Note**: `<your-username>` is just a plain username (like `john`), not your full `@<username>:example.com` identifier.

**You can then log in with that user** via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`.


## Option 2 (if you are using an external Postgres server):

You can manually generate the password hash by using the command-line after **SSH**-ing to your server (requires that [all services have been started](installing.md#starting-the-services)):

```
docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml
```

and then connecting to the postgres server and executing:

```
UPDATE users SET password_hash = '<password-hash>' WHERE name = '@someone:example.com'
```

where `<password-hash>` is the hash returned by the docker command above.


## Option 3:

Use the Synapse User Admin API as described here: https://github.com/element-hq/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password

This requires an [access token](obtaining-access-tokens.md) from a server admin account. *This method will also log the user out of all of their clients while the other options do not.*

If you didn't make your account a server admin when you created it, you can learn how to switch it now by reading about it in [Adding/Removing Administrator privileges to an existing Synapse user](registering-users.md#addingremoving-administrator-privileges-to-an-existing-synapse-user).

### Example:
To set @user:example.com's password to `correct_horse_battery_staple` you could use this curl command:
```
curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.example.com/_matrix/client/r0/admin/reset_password/@user:example.com?access_token=MDA...this_is_my_access_token
```
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00			`# Updating users passwords`

Remove more hardcoded matrix-postgres references 2022-11-27 08:16:18 +01:00			`## Option 1 (if you are using the integrated Postgres database):`
Mention the Synapse User Admin API on updating-users-passwords.md 2019-05-10 22:33:15 +02:00
accidentaly removed a : 2020-01-20 22:02:02 +01:00			You can reset a user's password via the Ansible playbook (make sure to edit the `<your-username>` and `<your-password>` part below):
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
reversing another accident, forgot vim mode wasnt enabled at the time 2020-01-20 22:05:46 +01:00			`ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=<your-username> password=<your-password>' --tags=update-user-password`
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
Replace <your-domain> with example.com Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-17 15:19:28 +02:00			Note: `<your-username>` is just a plain username (like `john`), not your full `@<username>:example.com` identifier.
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
Replace <domain> with example.com Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-17 20:10:02 +02:00			You can then log in with that user via the Element service that this playbook has created for you at a URL like this: `https://element.example.com/`.
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00
			`## Option 2 (if you are using an external Postgres server):`
Mention the Synapse User Admin API on updating-users-passwords.md 2019-05-10 22:33:15 +02:00
			`You can manually generate the password hash by using the command-line after SSH-ing to your server (requires that [all services have been started](installing.md#starting-the-services)):`
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
			`docker exec -it matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml`
			```
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00
			`and then connecting to the postgres server and executing:`

Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
Replace server.com with example.com Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-17 19:35:17 +02:00			`UPDATE users SET password_hash = '<password-hash>' WHERE name = '@someone:example.com'`
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
Update updating-users-passwords.md Fixed markdown error 2020-12-23 11:23:09 +01:00
Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 15:30:26 +02:00			where `<password-hash>` is the hash returned by the docker command above.
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00

			`## Option 3:`

Replace (almost) all matrix-org/synapse references with element-hq/synapse Issues and Pull Requests were not migrated to the new organization/repository, so `matrix-org/synapse/pull` and `matrix-org/synapse/issues` references were kept as-is. `matrix-org/synapse-s3-storage-provider` references were also kept, as that module still continues living under the `matrix-org` organization. This patch mainly aims to change documentation-related things, not actual usage in full yet. For polish that, another more comprehensive patch is coming later. 2024-01-17 06:58:01 +01:00			`Use the Synapse User Admin API as described here: https://github.com/element-hq/synapse/blob/master/docs/admin_api/user_admin_api.rst#reset-password`
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00
Create dedicated doc page on obtaining access tokens 2022-08-20 11:47:14 +02:00			`This requires an [access token](obtaining-access-tokens.md) from a server admin account. This method will also log the user out of all of their clients while the other options do not.`
changes to the docs for the new admin modifcation scripts 2020-01-20 21:59:36 +01:00
Remove matrix-change-user-admin-status mentions and provide an alternative 2022-12-07 19:36:22 +01:00			`If you didn't make your account a server admin when you created it, you can learn how to switch it now by reading about it in [Adding/Removing Administrator privileges to an existing Synapse user](registering-users.md#addingremoving-administrator-privileges-to-an-existing-synapse-user).`
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00
			`### Example:`
Edit user identifier example (domain.com → example.com) Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-10 15:15:01 +02:00			To set @user:example.com's password to `correct_horse_battery_staple` you could use this curl command:
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```
Edit user identifier example (domain.com → example.com) Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> 2024-10-10 15:15:01 +02:00			`curl -XPOST -d '{ "new_password": "correct_horse_battery_staple" }' "https://matrix.example.com/_matrix/client/r0/admin/reset_password/@user:example.com?access_token=MDA...this_is_my_access_token`
Move around options on updating-users-passwords.md and provide an example for using the admin API 2019-05-12 04:39:31 +02:00			```