Sending password to email in workflow

zeross · June 3, 2025, 10:48am

I’m trying to create an workflow, to send the password of the active directory account.

But in the array results the password is null.

I’m trying to get this information from the accountRequests information. So that when an account is created the workflow triggered and will send all the necessary information by email.
Trigger:
$.accountRequests[?(@.accountOperation == “Create” && @.provisioningResult== “committed” && @.provisioningTarget == “VGZ Admins Active Directory”)]

I’m thinking this is part of the security that it is null ? Or what is otherwise the best way to send the password of the account.

RAKGDS · June 3, 2025, 10:59am

Hi Dennis,

Sending passwords via email is generally not recommended as it is not a secure practice. SailPoint Identity Security Cloud (ISC) does not provide a direct method to send passwords in emails using workflows, as this would be a security risk.

Instead, SailPoint ISC focuses on secure password management practices. When a password is changed or reset, the system typically sends an email notification to the user informing them that their password has been updated, but it does not include the actual password in the email. If you need to implement a password change or reset process, SailPoint ISC offers more secure alternatives:

Password Change Notifications: When a user’s password is changed, ISC can send an email notification informing the user that their password has been updated. This email does not contain the password itself but confirms the action has taken place.
Password Reset Links: For password resets, ISC can send emails containing secure links that allow users to reset their passwords themselves. These links are typically valid for a limited time (e.g., 120 minutes) for security reasons.
Verification Codes: ISC can send verification codes to users via email or SMS, which they can use to authenticate themselves during the password reset process.
Security Questions: Users can be prompted to answer security questions as part of the password reset process.

These methods ensure that password management remains secure while still providing users with the necessary means to manage their accounts.

Please mark it as solution if we have answered your question.

zeross · June 3, 2025, 2:03pm

Thanks for your answer. I’m looking into it.

It looks like the function Password Manager from ISC is designed for this issue.

But it’s greyed out in system features. How can I turn it on ?

system · August 2, 2025, 2:03pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is it possible to send New Hire letter/E-Mail to the user's Manager with AD account ID and password with Workflows in ISC? ISC Discussion and Questions identity-security-cloud , provisioning	5	148	March 8, 2025
Send Password to user through email on new Active Directory(AD) account Creation ISC Discussion and Questions workflows , identity-security-cloud , email-templates	6	1933	August 2, 2023
Active Directory account password generation and communication ISC Discussion and Questions identity-security-cloud , provisioning	4	947	May 11, 2024
Password Generation ISC Discussion and Questions identity-security-cloud , provisioning	4	100	August 5, 2025
Generating the password on account request IIQ Discussion and Questions identityiq	2	88	February 25, 2025

Sending password to email in workflow

Related topics