- docs
- FlowFuse User Manuals
- Using FlowFuse
- Getting Started
- Static asset service
- Bill of Materials
- FlowFuse Concepts
- Changing the Stack
- Custom Hostnames
- Custom Node Packages
- Device Groups
- DevOps Pipelines
- Environment Variables
- FlowFuse Assistant
- FlowFuse File Nodes
- FlowFuse MQTT Nodes
- FlowFuse Project Nodes
- FlowFuse Tables
- High Availability mode
- HTTP Access Tokens
- Instance Settings
- Logging
- persistent-context
- Shared Team Library
- Snapshots
- Team Broker
- Teams
- User Settings
- FlowFuse API
- Migrating a Node-RED project to FlowFuse
- Device Agent
- Device Agent
- FlowFuse Device Agent Introduction
- Installation
- Quick Start
- Register your Remote Instance
- Running the Agent
- Deploying your Flows
- Hardware Guides
- FlowFuse Cloud
- FlowFuse Cloud
- FlowFuse Self-Hosted
- Quick Start
- Installing FlowFuse
- Overview
- Configuring FlowFuse
- DNS Setup
- Docker install
- Docker from AWS Market Place
- Docker on Digital Ocean
- Add Project Stacks on Docker
- Docker Engine on Windows
- Email configuration
- First Run Setup
- FlowFuse File Storage
- Install FlowFuse on Kubernetes
- Upgrading FlowFuse
- Administering FlowFuse
- Administering FlowFuse
- Configuring Single Sign-On (SSO)
- Licensing
- Monitoring
- Telemetry
- User Management
- Support
- Community Support
- Premium Support
- Debugging Node-RED issues
- Contributing
- Contributing to FlowFuse
- Introduction
- Adding Template Settings
- API Design
- Creating debug stack containers
- Database migrations
- FlowFuse Architecture
- Local Install
- State Flows
- Device Editor
- Invite External Users
- User Login Flows
- Reset Password Flow
- Project Creation
- Instance states
- User Sign up Flow
- Team creation Flow
- Team Broker
- Working with Feature Flags
Reset Password Flow
sequenceDiagram
autonumber
participant UserEmail
participant User
participant UI
participant Runtime
participant DB
User->>UI: Access the login page
UI->>UI: Displays 'forgot pw' if `user:reset-password`=true
User->>UI: Clicks 'forgot password'
User->>UI: Enters their email address, clicks submit
UI->>+Runtime: POST /account/forgot_password { email: <email> }
Runtime->>DB: Get user
DB->>Runtime: User
Runtime->>DB: Generate AccessToken { scope: 'password:reset' }
Runtime->>UserEmail: Send email containing reset link
Runtime-->>-UI: { status: 'okay' }
UserEmail-->>User: Email received
User->>UI: Opens /account/change-password/{token}
User->>UI: Enters new details, clicks submit
UI->>+Runtime: POST /account/reset_password/:token { password }
Runtime->>DB: Validate {token} is a valid password reset token
Runtime->>DB: Get the user associated with token
Runtime->>DB: Change users password
Runtime->>DB: Delete the token
Runtime->>-UI: {status: 'okay' }
UI->UI: Prompt user to login
Updated: 4 Nov, 2025