I have Apex-code which generates new user accounts, and it specifies a user-provided password for the account.
On first login the users are prompted to change the password, which is a painful extra step in our current workflow.
How do I prevent users being forced to set a new password?
My Apex looks like this:
User usr = new User(
<<fields populated>>
);
// Set the DML options to prevent e-mail to new user
Database.DMLOptions dlo = new Database.DMLOptions();
dlo.EmailHeader.triggerUserEmail = false;
//Insert new user
Database.SaveResult sr = Database.insert(usr,dlo);
if (sr.isSuccess()) {
String errString = '';
try {
//Get user Id
Id usr_sfid = sr.getId();
if (usr_sfid == null)
{
errString = 'Error setting password (username: ' + username + ') - Could not get Id to set User pwd.';
System.debug(errString);
}
else
{
System.setPassword(usr_sfid, usr_password);
}
}
catch(Exception e) {
errString = 'Error setting password (username: ' + username + ')' + e.getMessage();
System.debug(errString);
}
Best Answer
This is "Working as Designed" in terms of Salesforce functionality. Any time a new user is created or their password is reset, it's expected they'll be prompted to create a new password of their own choosing when they next log-in.
This is largely for security reasons should a user not receive the email they were sent or should it be sent to the wrong email address. These messages usually have an expiration date-time on them, after which the password that's included/embedded expires. Additionally, you don't want an email sitting around that someone else might be able to access at another time that contains a link which allows them to access the user's secure Salesforce Account.