Runbook: Reset Zitadel Admin Password

Purpose

Restore access to the Zitadel admin account when credentials are lost or expired.

Prerequisites

• Access to Zitadel admin console or recovery account
• SSH access to odin (if needed)

Procedure

Step 1: Attempt password reset via UI

1. Open the Zitadel login page.
2. Use the "Forgot password" flow if available.
3. Follow recovery steps using admin email.

Step 2: Reset via admin console

If another admin account exists:

1. Log in with the alternate admin account.
2. Navigate to Users.
3. Select the locked admin user.
4. Trigger a password reset and send a recovery link.

Step 3: Restart Zitadel (if needed)

ssh ravenhelm@100.115.101.81 "docker restart zitadel"

Verification

• Admin can log in successfully
• Audit logs show a successful login

Rollback

If the reset fails, create a new admin user and disable the old account once access is restored.

Related

• Identity Management
• Authentication Issues