Reset Passwords and RBAC Tokens in Kong Manager
For authentication, Kong uses two different credentials for admins:
- An admin uses a password to log in to Kong Manager.
- An admin uses an RBAC token to make requests to the Kong Admin API.
If using basic authentication, an admin may reset their password from within Kong Manager. Since LDAP and OIDC Authentication imply that an organization stores and manages passwords outside of Kong, password reset is not possible with either type.
Each RBAC token is stored in Kong as a hash. Regardless of the authentication option selected, an admin may reset their RBAC token from within Kong Manager. Note that to support confidentiality, RBAC tokens are hashed and cannot be retrieved after they are created. If a user forgets the token, the only recourse is to reset it.
Reset a forgotten password in Kong Manager
Prerequisites
- Authentication and RBAC are enabled with basic authentication
- SMTP is configured to send emails
Steps
- At the login page, click Forgot Password.
- Enter the email address associated with the account.
- Click the link from the email.
- Reset the password. Note that you will need to provide it again immediately after the reset is complete.
- Log in with the new password.
Change a password from within Kong Manager
Prerequisites
- Authentication and RBAC are enabled with basic authentication
- You have super admin permissions or a user that has
/admins
and/rbac
read and write access
Steps
- Open the dropdown from your account name, then select Profile.
- In the Reset Password section, fill in the fields and click the Reset Password button.
Reset an RBAC token in Kong Manager
Prerequisites
- Authentication and RBAC are enabled
- You have super admin permissions or a user that has
/admins
and/rbac
read and write access
Steps
- Open the dropdown from your account name, then select Profile.
- In the Reset RBAC Token section, click Reset Token and confirm the reset.
- To copy the token, click Copy.