Change the otomi-admin password
This how to provides step-by-step instructions to reset the otomi-admin password.
Prerequisites:
- You must have access to the Keycloak admin console
- Docker needs to be installed and configured
- SOPS should be set up with Age encryption (default in LKE)
Change the password
Step 1: Generate a new password
# Generate a random 16-character alphanumeric password
head /dev/urandom | LC_ALL=C tr -dc A-Za-z0-9 | head -c 16
# Example output: FPpLvZyAdAmuzc3NStep 2: Change admin password in Keycloak
-
Go to platform view and click secrets
-
Log in to Keycloak as the
otomi-adminuser. -
Go to Users in the left-hand sidebar and find the
otomi-adminuser. -
Navigate to the Credentials tab.
-
Change the password to the one you generated.
-
Save changes (set Temporary to Disabled).
Don’t make any other changes during this operation.
Step 3: Change admin password in via platform web interface
-
Select platform view and choose secrets
-
Click 'Otomi-Secrets'
-
Click the lock icon at the
adminPasswordproperty -
Set new password
-
Click the
Save Changesbutton
Step 4: Apply the Changes
-
Wait until the SealedSecret is synced
-
After the pipeline completes, restart the
otomi-apiandapl-keycloak-operatorto ensure it applies the new credentials.kubectl rollout restart deployment -n otomi otomi-api kubectl rollout restart deployment -n apl-keycloak-operator apl-keycloak-operator -
Verify that the platform is working as expected with the new credentials.
This completes the password reset process for otomi-admin.
Updated 12 days ago
