Portal User Set Password On First Login

Posted by awbranch on 04-Dec-2013 09:03

I have an employee object that was created with Portal Visitor fields (loginName and password). I want an email sent to the employee when the record is created, notifying them that they they have a portal account with a link to login.

I created an on create trigger and email template.

The problem is how do I send them their password they need to log in?

I can't add a password to the email template because it displays "Password on file"

Is there some mechanism or trick I can use to allow the user to set their own password the first time they log in?

Posted by awbranch on 16-Dec-2013 15:58

I eventually found the issue. I had an additional trigger between the trigger I used to create the password and the one I used to send the email. If you don't have your "Send Email" trigger directly after the trigger you used to generate a password you won't be able to read it.

Chapter 2 of Rollbase in Action has the following blurb, which is inaccurate:

"For security reasons passwords are encrypted when stored internally. Actual password's

value is never displayed on UI pages. However password’s value is always accessible

through formulas and API."

Chapter 6 says:

"Important: Passwords cannot be retrieved through Query API due to security precautions."

This is because hashes are stored in the DB not the actual password, so its not even available.

Chapter 11 has the definitive answer for generated portal logins:

"You can include template token corresponding to the password field into email templates.

In this way a Visitor can be notified by email about password change. However this field

token works only immediately after the change. Later actual password's value is not

available for viewing or retrieving through API. This is done as security precaution. "

Its not clear how long "immediately" means, but apparently the following trigger is soon enough.

All Replies

Posted by awbranch on 16-Dec-2013 15:58

I eventually found the issue. I had an additional trigger between the trigger I used to create the password and the one I used to send the email. If you don't have your "Send Email" trigger directly after the trigger you used to generate a password you won't be able to read it.

Chapter 2 of Rollbase in Action has the following blurb, which is inaccurate:

"For security reasons passwords are encrypted when stored internally. Actual password's

value is never displayed on UI pages. However password’s value is always accessible

through formulas and API."

Chapter 6 says:

"Important: Passwords cannot be retrieved through Query API due to security precautions."

This is because hashes are stored in the DB not the actual password, so its not even available.

Chapter 11 has the definitive answer for generated portal logins:

"You can include template token corresponding to the password field into email templates.

In this way a Visitor can be notified by email about password change. However this field

token works only immediately after the change. Later actual password's value is not

available for viewing or retrieving through API. This is done as security precaution. "

Its not clear how long "immediately" means, but apparently the following trigger is soon enough.

This thread is closed