This is an old revision of the document!

General parameters

Configuration files

To configure Self Service Password, you need to create a local configuration file named in self-service-password/conf. For example :

// Override parameters below

Self Service Password default configuration file is self-service-password/conf/ It includes Consequently, you can override all parameters in This prevents you to be disturbed by an upgrade.

Multi tenancy

You can load a specific configuration file by passing a HTTP header. This feature is disable by default. To enable it:

$header_name_extra_config = "SSP-Extra-Config";

Then if you send the header SSP-Extra-Config: mydomain, the file conf/ will be loaded.


Available language are:

  • Brazilian (pt-BR)
  • Catalonia (ca)
  • Chinese (cn, zh-CN, zh-TW)
  • Czech (cs)
  • Dutch (nl)
  • English (en)
  • Estonian (ee)
  • French (fr)
  • German (de)
  • Greek (el)
  • Hungarian (hu)
  • Italian (it)
  • Japanese (ja)
  • Norwegian bokmål (nb-NO)
  • Polish (pl)
  • Portuguese (pt-PT)
  • Russian (ru)
  • Slovak (sk)
  • Slovenian (sl)
  • Spanish (es)
  • Swedish (sv)
  • Turkish (tr)
  • Ukranian (uk)

Set one of them in $lang:

$lang = "en";

To display a top menu, activate the option:

$show_menu = true;

If menu is not shown, the default application title will be displayed.


Help messages provide information to users on how use the interface. They can be disabled with $show_help:

$show_help = false;

You can add extra messages by setting values in these parameters:

$messages['passwordchangedextramessage'] = "Congratulations!";
$messages['changehelpextramessage'] = "Contact us if you are lost...";

You change the default logo with your own. Set the path to your logo in $logo:

$logo = "images/ltb-logo.png";
Comment this parameter to hide logo


You change the background image with your own. Set the path to image in $background_image:

$background_image = "images/unsplash-space.jpeg";
Comment this parameter to falll back to default background color


You can turn on debug mode with $debug:

$debug = true;


You need a key phrase if you use ciphered tokens (see Reset by mail tokens)

$keyphrase = "secret";

There is also a protection on login to avoid LDAP injections. Some characters are forbidden, you can change the list of forbidden characters in login with $login_forbidden_chars:

$login_forbidden_chars = "*()&|";
If no characters are configured in $login_forbidden_chars, only alphanumeric characters are allowed.

You can configure “obscure” messages, so that some errors are not displayed and replaced by a generic “bad credentials” error:

$obscure_failure_messages = array("mailnomatch");

Default action

By default, the password change page is displayed. You can configure which page should be displayed when no action is defined:

$default_action = "change";

Possibles values are:

  • change
  • sendtoken
  • sendsms

You can disable the standard password change if you don't need it:

$use_change = false;

In this case, be sure to also remove “change” from default action, else the change page will still be displayed.

Prefill user login

If Self Service Password is called from another application, you can prefill the login but sending an HTTP header.

To enable this feature:

$header_name_preset_login = "Auth-User";