Restore Passwords To Recover Admin User Rights

Still need help?

The Atlassian Community is here for you.

Ask the community

If you're unable to log in to Jira as an administrator (for example, you've lost the administrator password) you can start Jira in recovery mode to recover your admin user rights.

If you know the admin username, and it has a valid email address, you can reset the password using the forgot password link on the log in screen. We'll send a link to your admin email account to reset your password.

On this page:

As an administrator, you may find yourself locked out of Jira because:

  • You've imported a site from Cloud, and it does not contain a system administrator account.
  • You've forgotten the password to the administrator account, and don't have access to the email address associated with it.
  • You're using an external directory or Jira for user management, have disabled the built in user management, and your external directory is not currently available. 
  • You need to make a change to the configuration of an external user directory in Jira while that directory is not available. 

In any of these situations you can use recovery mode to restore administrator access to Jira. 

Using JIRA 6.4 or earlier? You'll need to use the database method to recover your admin user rights. See the earlier documentation.

Use recovery mode to restore access

Recovery mode works by creating a virtual user directory with a temporary admin account. You set the password for this admin account when applying the system property.  Users can continue to log in and access Jira while it is in recovery mode.

To recover administrator user rights:

  1. Stop a Jira node
  2. Add the following parameter to each available node according to the steps from the Setting properties and options on startup KB article, based on the method that's being used to start Jira:

    JVM_SUPPORT_RECOMMENDED_ARGS="-Datlassian.recovery.password=<your-password>"

    This is generally applied in the setenv.sh or setenv.bat file (depending on your operating system type) in the <jira_install>/bin directory. Note: The < and > symbol in the command above is used as placeholder. Please replace <your-password> with the password of your choice.

  1. Start your Jira node.  You may need to start them manually with the start-jira.sh or start-jira.bin scripts in the <jira_install>/bin directory. 
    1. You can also enable recover mode this for every node as needed.
  2. Access the node and Log in to Jira with the username recovery_admin and the temporary password you specified in the system property. 
    1. NOTE: In case you get "Invalid username or password" check the syntax from step 2, for example no space between two parameters or missing quotes.
    2. NOTE: When you have CROWD SSO enabled it may be needed to temporary disable this to login with recovery_admin.
    3. NOTE: You will be presented with the Welcome screen to create or import new projects. This is not indicating an empty instance.
  3. Reset the password for your existing admin account, or create a new account and add it to the appropriate administrator group. 
  4. Confirm that you can successfully log in with your new account.
  5. Stop your Jira node
  6. Remove the -Datlassian.recovery.password parameter from each available node
  7. Start your Jira again normally

Good to know:

  • Remove the system property as soon as you have restored admin access. 
  • Don't leave Jira in recovery mode, or use the recovery_admin account as a regular administrator account.  
  • Your temporary password should be a unique. Don't use an existing password or the one you intend to use for your admin account.
  • Be sure to confirm there are active users with the Jira System Administrators global permission, or else you won't be able to manage some system features in Jira.
Last modified on May 24, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.