When adding users to a system, or resetting a user's password, authentication tokens are used to ensure the credential setup process isn't hijacked or left open to a security vulnerability. These security tokens are only active for 15 minutes from the minute the email is dispatched to the user. If a user fails to complete the setup process in that time the user will be shown a message when following the link.


The token has expired or is otherwise invalid. Please try resetting your password again.


Should this happen the user's token will need to be reset. There are two ways to reset a token for a user.


Have the user request a password reset themself.

  1. The user may reset his/her token at any time by requesting a new password reset. Have the user visit the webadmin portal for your company and follow the steps given in the Forgot Password option found underneath the login text input boxes.
  2. A new email will be dispatched to the user with a new authentication token link to set their password!



Reset the Token For the User

Alternatively, you can reset the token for the user at any time using the reset password option found in webadmin.

  1. Log into your company's webadmin portal
  2. Click on users
  3. Find the user that needs to have the token reset.
  4. Click the Reset Password button next to the user's name.
  5. A new email will be dispatched to the user with a new authentication token link to set their password!


FAQ Regarding the Token

Can this time period be adjusted beyond 15 minutes?

Yes. We can adjust the time to any time you request. We found 15 minutes was the appropriate amount of time to provide access to the steps needed as well as adhering to security best practices.


Why did you use a security token? The old platform sent our passwords to us!

The old platform did email passwords to you. But, we are putting security first on EazyApp. One of these  decisions was to remove plain text passwords being emailed to you. 


Can I set the password for the user?

Currently, the only way for this to be done is for you to set the user's email as your email and perform the steps on behalf of the user. Once the steps are completed you would log back into webadmin and update the users account with their email address instead of your own. We recommend that last step just in case the user needs to reset their password themself in the future. If you are wanting this done on a bulk add user option with static passwords please contact our support team.