Ability to perform Organization Recovery via an API as an Administrator Account

As an Administrator, I need an API for Organization Recovery to automate the process of granting administrators access to user account recovery.

What’s the problem?
Hey Passbolt team, we currently use Passbolt’s Organization Recovery feature, which allows administrators to help users with their Account Recovery in the event that they lose their passphrase and Recovery Key. However, we don’t have a way to trigger this process through an API, and it’s becoming a real pain point.

Right now, if we need to invoke Account Recovery with Organization Key, we have to do it manually through the web interface. This manual process is slow, especially in time-sensitive situations where quick access is crucial. We’re looking for a way to automate and streamline this process, making it more efficient and reliable.

Q2 - Who is impacted?
This is largely a feature that will help us Administrators in managing the account recovery process in the event that a user requests an account recovery.

Q3 - Why is it important and/or urgent?
We want to onboard Passbolt for the entire organization, and without the feature, scalability and growth would become a concern, adding an overhead to our Ops.

Q4 - What is your proposed solution? (optional)

  • A new API endpoint for initiating Account Recovery for users using the Organization Recovery Key
  • Strict authentication to ensure only authorized personnel can use it - in this case we can create a service account for this.
  • The ability to provide a reason for invoking recovery, which gets logged

Hello,

There are already API endpoints to control the account recovery flow programmatically. Currently only the browser extension uses these endpoints, but it should be possible to build a separate service that holds the account recovery key and pulls/completes the requests for account recovery from users. See https://docs.google.com/document/d/1_Bksoq1Gnd7sEdTw7L91o6stIb4ou-quaxv1E-LOAZw/edit?tab=t.0#heading=h.sgf791eczb5z

I think it’s an interesting idea to have a separate service in charge of recovery. Out of curiosity, how should the process work for you? E.g. how would you identify if a user request is legitimate or not? There is email validation, but that’s pretty much it. Is that sufficient for your use case or would you require the administrator to perform an action also, if so when?

Cheers,

In our case, we are planning to integrate with Slack, so how this works is - the user requests account recovery using Passbolt. This would initiate an account recovery request to the admin, via an email - we will parse this email to get the request ID of the recovery request and store it in a database we own. Before generating confirmation from the administrator, our plan is to send an additional Slack notification to the end user asking them to confirm if they have requested recovery - if they click on confirm, we will generate a request to our admins. Once the admin confirms the recovery - in our case this process would be outside Passbolt again with our own approval process to the defined admin. What we would like to do then is to complete the organization recovery by supplying the organizational recovery key along with the passphrase via a payload to the API and complete the recovery. This way the admin does not need to log on to the extension and manually approve the request from the console.
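
The approval flow described in the post above, sketched as a gate that a recovery service could sit behind (an added example, not code from the thread or from Passbolt). It assumes a hypothetical `complete_recovery` hook standing in for whatever call the service makes with the organization key, uses no Passbolt endpoint names, and treats the rules "the approver is a defined admin, is not the requester, and must give a reason" as assumptions.

```python
import time
from types import SimpleNamespace

# States of one recovery request in the external approval flow.
REQUESTED, USER_CONFIRMED, ADMIN_APPROVED, COMPLETED = range(4)

class GateError(Exception):
    """A step was attempted out of order or by the wrong party."""

class RecoveryGate:
    def __init__(self, admins, complete_recovery):
        self.admins = set(admins)                   # defined admins allowed to approve
        self.complete_recovery = complete_recovery  # hypothetical hook (assumption)
        self.requests = {}                          # request_id -> request record

    def _get(self, request_id, expected):
        req = self.requests.get(request_id)
        if req is None or req.state != expected:
            raise GateError("unknown request or step out of order")
        return req

    def _set(self, req, state, actor, reason=""):
        req.state = state
        req.audit.append((time.time(), actor, state, reason))  # audit trail

    def register(self, request_id, user):
        # request_id is the ID parsed from the notification email.
        if request_id in self.requests:
            raise GateError("duplicate request id")
        req = self.requests[request_id] = SimpleNamespace(user=user, state=None, audit=[])
        self._set(req, REQUESTED, user)

    def user_confirm(self, request_id, slack_user):
        req = self._get(request_id, REQUESTED)
        if slack_user != req.user:
            raise GateError("confirmation must come from the requesting user")
        self._set(req, USER_CONFIRMED, slack_user)

    def admin_approve(self, request_id, admin, reason):
        req = self._get(request_id, USER_CONFIRMED)
        if admin not in self.admins or admin == req.user or not reason.strip():
            raise GateError("approver not authorised or reason missing")
        self._set(req, ADMIN_APPROVED, admin, reason)

    def complete(self, request_id):
        req = self._get(request_id, ADMIN_APPROVED)
        self.complete_recovery(request_id)  # reached only after both approvals
        self._set(req, COMPLETED, "service")
```

Because the state changes to completed only after the hook returns, a failed completion leaves the request approved and retryable, while a second `complete` on a finished request is rejected.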