Reset password link expiring before the defined time

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Problem description

When using Crowd's Forgot your password? option, he reset link doesn't work and produces an error, even if accessed immediately after receiving the email:

The reset password token you have provided has expired.

Diagnostic

  • Check if the following message appears in atlassian-crowd.log:

1 2019-10-15 16:37:41,135 https-jsse-nio-8443-exec-8 INFO [crowd.console.action.ResetPassword] Invalid reset password token for null

  • Compare the link received in the email with the actual URL in the Crowd login page.

  • Log into Crowd with an Admin account, go to General options and check the Base URL value. It must match the initial part of the reset link received via email.

Resolution

Crowd 2.12 and below

Edit the <crowd_home>/crowd.properties file and change (or add) the base URL (crowd.base.url) there. This determines the address Crowd will use in that email.

Example:

1 2 3 4 5 6 7 8 9 10 #Tue Jun 21 14:12:06 BRT 2011 session.lastvalidation=session.lastvalidation application.password=7lt9dcPS session.isauthenticated=session.isauthenticated application.name=crowd crowd.server.url=http\://192.168.132.36\:8095/crowd/services/ session.validationinterval=0 session.tokenkey=session.tokenkey application.login.url=http\://192.168.132.36\:8095/crowd crowd.base.url=http\://localhost\:8095/crowd

Instead of:

1 2 3 4 5 6 7 8 9 10 #Tue Jun 21 14:12:06 BRT 2011 session.lastvalidation=session.lastvalidation application.password=7lt9dcPS session.isauthenticated=session.isauthenticated application.name=crowd crowd.server.url=http\://192.168.132.36\:8095/crowd/services/ session.validationinterval=0 session.tokenkey=session.tokenkey application.login.url=http\://192.168.132.36\:8095/crowd

Update the Base URL accordingly:

  1. Log in to the Crowd Administration Console.

  2. Click the 'Cog Icon' button in the top navigation bar, then General.

  3. The 'General options' screen appears. Type the new base URL in the appropriate field. For example:

  4. Click the 'Update' button

Updated on April 8, 2025
Platform
Data Center only
Product
Crowd Data Center
On this pageProblem descriptionDiagnosticResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community