Reset Password
On this page
The Reset Password Identity Validation implementation ensures that users cannot perform a reset password flow without first ensuring the user is adequately identified. The settings below therefore can affect the level of security Authelia provides to your users so they should be carefully considered.
This process is performed by issuing a HMAC signed JWT using a secret key only known by Authelia.
Configuration
Options
This section describes the individual configuration options.
jwt_lifespan
The lifespan of the JSON Web Token after it’s initially generated after which it’s considered invalid.
jwt_algorithm
The JSON Web Token Algorithm used to sign the JWT. Must be HS256, HS384, or HS512.
jwt_secret
The secret used with the HMAC algorithm to sign the JWT.