--- title: Update users description: Reset user passwords, change user roles, and manage user accounts in Telegraf Controller. url: https://docs.influxdata.com/telegraf/controller/users/update/ estimated_tokens: 1800 product: Telegraf version: v1 --- # Update users #### Telegraf Controller is in Public Beta Telegraf Controller is in public beta and will be part of the future Telegraf Enterprise offering. While in beta, Telegraf Controller is **not meant for production use**. The Telegraf Controller documentation is a work in progress, and we are actively working to improve it. If you have any questions or suggestions, please [submit an issue](https://github.com/influxdata/docs-v2/issues/new?labels=Telegraf%20Controller). We welcome any and all contributions. Beta expectations - **No configuration or agent limits** While in beta, Telegraf Controller doesn't place any limits on the number of configurations you can store or the number of Telegraf agents you can track. However, upon being generally available, the free distribution of Telegraf Controller will have limits introduced, with the option to increase limits through a Telegraf Enterprise license. - **Potential breaking changes** While in beta, we will do our best to no longer make breaking changes to Telegraf Controller, however, they may be necessary. The majority of changes we make will be additive and non-breaking, and include any necessary migrations. When we do need to make breaking changes, we will do our best to communicate them clearly and in advance to minimize disruption. - **Flexible release schedule** While in beta, we will continue to create new releases of Telegraf Controller, but likely at irregular intervals. We will provide [Telegraf Controller release notes](/telegraf/controller/reference/release-notes/) to make it easy to track updates. Provide beta feedback - Use the **Feedback** feature in the Telegraf Controller UI. - [Join the InfluxDB Community Slack](https://influxdata.com/slack) and post feedback in the **#telegraf-enterprise-alpha** channel. - Post feedback in the [InfluxData Community](https://community.influxdata.com). Join our public channels - [InfluxDB Community Slack *(Preferred)*](https://influxdata.com/slack) - [InfluxData Community](https://community.influxdata.com) - [InfluxDB Subreddit](https://reddit.com/r/influxdb) Owners and administrators can reset passwords and change roles for other users in Telegraf Controller. These actions help maintain account security and ensure users have the appropriate level of access. ## Reset a user’s password When a user forgets their password or needs a credential refresh, you can generate a time-limited reset link for them. You must have the **Owner** or **Administrator** role to reset passwords. Only the **Owner** can reset **Administrator** passwords. ### Generate a password reset link 1. Navigate to the user’s detail page. 2. Click **Reset Password**. 3. Set the link expiration. The default is 24 hours, but you can configure it from 1 to 720 hours. 4. Click **Generate Link** to create the reset link. 5. Copy the generated reset link and share it with the user through a secure channel. ### Complete a password reset After receiving a reset link, the user completes the following steps: 1. Open the reset link in a browser. 2. Enter a new password that meets the complexity requirements. 3. Click **Submit** to save the new password. The user is not automatically logged in after resetting their password. They must log in with their new credentials. ### Emergency owner password reset If the owner account is locked out or the owner has forgotten their password, you can reset it using environment variables. 1. Set the following environment variables: - [`RESET_OWNER_PASSWORD=true`](/telegraf/controller/reference/config-options/#reset-owner-password) - [`OWNER_PASSWORD`](/telegraf/controller/reference/config-options/#owner-password) to the desired new password 2. Restart the Telegraf Controller application. 3. Log in with the new password. 4. Remove the `RESET_OWNER_PASSWORD` and `OWNER_PASSWORD` environment variables. Remove `RESET_OWNER_PASSWORD` and `OWNER_PASSWORD` environment variables after successfully logging in. Leaving them set causes the password to reset on every application restart. ## Change a user’s role You can promote or demote users by changing their assigned role. You must have the **Owner** or **Administrator** role to change a user’s role. Only the **Owner** can change a user’s role to **Administrator**. 1. Navigate to the user’s detail page. 2. Select the user’s new role. 3. Confirm the change when prompted. The following restrictions apply to role changes: - You cannot assign the **Owner** role directly. To make a user the owner, the current owner must [transfer ownership](/telegraf/controller/users/transfer-ownership/). #### Side effects of changing a user’s role - The user’s API tokens are reclamped to match the new role’s permissions. If the new role cannot manage tokens (such as **Viewer**), all active tokens are revoked. - The user’s active sessions are destroyed. They must log in again to continue using Telegraf Controller. #### Related - [Telegraf Controller configuration options](/telegraf/controller/reference/config-options/) - [Authorization](/telegraf/controller/reference/authorization/)