This guide details the steps required for the installation, configuration, and use of Aranda PassRecovery V8 (APR), which allows the management and recovery of the password of a registered user, taking into account a process of configuration and validation of security questions, for the unlocking of the domain account.
Defining a one-time token
During the processes, the application sends a unique link to the user’s registered emails (main - alternate). This link contains a One-time token, which has the following characteristics:
- The token is generated and sent by the application as part of the secure access link.
- Each token has a limited validity time, which is previously defined by the administrator in the Configuration in the Admin console.
-
The token is considered Used in the following cases:
- When the user clicks the Save when you finish setting up the security questions.
- When the user correctly answers all security questions during the account unlocking, password change, or reset process.
- Once used or expired, the token cannot be reused. In case of trying to access again with an invalid token, the alert will be displayed: Token validation error.