Unlocking Convenience: Introducing Self-Service Password Reset in Sage X3


As part of the ongoing commitment to enhancing user experience, Sage X3 Version 2023 R2 introduces password reset functionality for the basic authentication method**. This new functionality lets users reset their account passwords through a user-friendly process, without the need for intervention from an administrator.

**NOTE: as discussed in Security Best Practices, "you should never use the basic authentication in production, as it is only intended for demos."

Why Self-Service Password Reset?

Empowering Users - The Self-Service Password Reset feature puts the power back into the hands of users, allowing them to reset their passwords without needing external assistance. This improves user autonomy and provides quick resolutions when it comes to account access.

Streamlining Support - By enabling users to reset their passwords independently, we aim to reduce the burden on IT support teams. It enhances operational efficiency and ensures users regain access to their accounts, minimising downtime.

Benefits of Self-Service Password Reset

Time Efficiency - Eliminate the need for lengthy support tickets and waiting periods. Users can regain access to their accounts within minutes, minimising disruptions to their workflow.

Enhanced Security - By allowing users to reset their passwords promptly, the likelihood of unauthorised access due to forgotten passwords or delays in support response is significantly reduced.

Reduced Support Workload - System support teams can focus on more complex issues, knowing that users themselves efficiently handle routine password resets. This results in improved overall support service.

How To Set Up Self-Service Password Reset

The password reset functionality utilises the Sage X3 Notification server. In this blog I won’t go into the details of how to configure this. You can find more information in the Sage X3 online help and the blog listed below.

Notification Servers Sage X3 Online help

New Feature “Using Notification Server with Workflow” in 2022R2

1. Make sure that the notification server is configured in global settings. This will be used to relay the emails to your mail server.

2. Next, set the new parameter “Allow website domains”. This is a safelist of single or multiple domains to which password reset emails can be sent. This setting mitigates the risk of transmitting the password link to any unauthorised domain.

3. Set the token validity for the password reset, expressed in minutes. This parameter controls how long the reset link will be valid.

4. The user must have a valid email address with a domain specified in the safelist in global settings. The user authentication method must also be set to ‘standard’, also known as basic, for the password reset email to be generated.

Now, users can manage their password resets, freeing up precious system admin time.

The User Experience 

Click the ‘Forgot password’ link on the main login page to reset the password. This will take you to the next screen, where you need to specify the email address associated with your user.

A message will be displayed on the screen notifying the user that an email has been sent to the address specified with the reset instructions if the address is valid.

The email will only be sent to the user if the address supplied is associated with a Sage X3 User, and the user's email domain is included in the allowed website domains in global settings (if this has been configured). The user can then click on the link and set a new password.

Note that the password must meet the requirements set by the specified password policy in global settings. If not, the minimum requirements will be displayed on the screen.

A few things to be aware of: if the user clicks the link after the validity period set in global settings and mentioned in the email, the expired message will be displayed.  

If no mail server is specified in global settings, pressing ‘Forgot password’ will display the ‘feature is not enabled’ message.
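The checks described above (address belongs to a user, authentication method is ‘standard’, domain is in the safelist if one is configured, link expires after the validity period) modelled as an added Python example. It is not Sage X3 code: all names and sample values are hypothetical, and the single-use, hashed token storage is an assumption of the sketch.

```python
import hashlib
import secrets
import time

# Constructed sample settings; names are hypothetical, not Sage X3 parameters.
ALLOWED_DOMAINS = {"example.com"}  # empty set = no domain restriction configured
TOKEN_VALIDITY_MINUTES = 15
USERS = {  # email -> authentication method
    "alice@example.com": "standard",
    "bob@example.com": "oauth2",
    "carol@partner.test": "standard",
}
_tokens = {}  # sha256(token) -> (email, expiry as epoch seconds)


def email_domain(email):
    """Return the lower-cased domain, or None for a malformed address."""
    local, sep, domain = email.strip().rpartition("@")
    return domain.lower() if sep and local and domain else None


def request_reset(email, now=None):
    """Return a reset token if an email would be sent, else None.
    Assumption: the caller shows the same on-screen message either way."""
    now = time.time() if now is None else now
    email = email.strip().lower()
    domain = email_domain(email)
    if USERS.get(email) != "standard" or domain is None:
        return None
    # Exact match only: a look-alike such as example.com.other.test must not pass.
    if ALLOWED_DOMAINS and domain not in ALLOWED_DOMAINS:
        return None
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    _tokens[digest] = (email, now + TOKEN_VALIDITY_MINUTES * 60)
    return token


def redeem(token, now=None):
    """Consume a token: ("ok", email), ("expired", None) or ("invalid", None)."""
    now = time.time() if now is None else now
    entry = _tokens.pop(hashlib.sha256(token.encode()).hexdigest(), None)
    if entry is None:
        return ("invalid", None)
    return ("ok", entry[0]) if now <= entry[1] else ("expired", None)
```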

I hope you found this run-through of the new feature useful and that it will allow you to use the password reset functionality. Let us know if you have any feedback or additional comments.

Note that Sage still recommends against using basic/standard authentication methods in a production environment, as documented in the Security Best Practices guide.