Email Notifications

How to configure email notification settings for your organization

Some actions in passbolt, such as a user sharing a password with someone else, trigger an email notification. As passbolt admin, you can control which events result in an email notification and which events are ignored. Similarly you can control whether or not a piece of information is included in those notification emails.

Passbolt events that trigger email notification

Event	Recipients
When a comment is posted on a password.	All the users having access to the given password.
When a password is created.	The user creating the password.
When a password is shared.	The users gaining access to the given password.
When a password is updated.	All the users having access to the given password.
When a password is deleted.	All the users who had access to the given password.
When a new user is invited.	The invited user.
When users try to recover their passbolt account.	The user trying to recover their account.
When a group is deleted.	Group's members.
A user is added to a group.	The user getting added.
A user is removed from a group.	The user getting removed.
When user roles change in a group.	The affected users.
When members of a group change.	The group's managers.

Information that can be shown/hidden from the outgoing emails.

Config	Show / Hide
Username	Resource username
URI	Resource URI/URL
Encrypted Secret	PGP encrypted password
Description	Resource description
Comment	Comment content

Default behavior

By default all the settings are true which means all the notifications are set to be broadcasted and all the information blocks are set to be shown.

Configuring Email Notification Settings

You can configure email notification settings using either the admin interface, config files or environment variables. If multiple settings providers are used the settings in the admin interface will override the one used in files. Similarly the settings in files will override environment variables.

Using admin user interface

Since v2.10 a user interface is provided for administrators to setup email notification settings. Click on “administration” in the top menu, then “Email Notifications” on the left menu.

The settings are divided into two sections.

Email Delivery

These settings control whether or not an email is sent on a given event.

Email content visibility

These settings control whether a piece of information is included in the emails sent.

Using Environment variables

You can use the following environment variables to control the email delivery settings. They are all boolean and accepts 1 or 0. Setting the variable to 1 (one) will mean that email will be sent for that event and setting it 0 (zero) will ignore the event.

Event	Environment variable
When a comment is posted on a password	PASSBOLT_EMAIL_SEND_COMMENT_ADD
When a password is created	PASSBOLT_EMAIL_SEND_PASSWORD_CREATE
When a password is shared	PASSBOLT_EMAIL_SEND_PASSWORD_SHARE
When a password is updated	PASSBOLT_EMAIL_SEND_PASSWORD_UPDATE
When a password is deleted	PASSBOLT_EMAIL_SEND_PASSWORD_DELETE
When a new user is invited	PASSBOLT_EMAIL_SEND_USER_CREATE
When users try to recover their passbolt account	PASSBOLT_EMAIL_SEND_USER_RECOVER
When a group is deleted	PASSBOLT_EMAIL_SEND_GROUP_DELETE
A user is added to a group	PASSBOLT_EMAIL_SEND_GROUP_USER_ADD
A user is removed from a group	PASSBOLT_EMAIL_SEND_GROUP_USER_DELETE
When user roles change in a group	PASSBOLT_EMAIL_SEND_GROUP_USER_UPDATE
When members of a group change	PASSBOLT_EMAIL_SEND_GROUP_MANAGER_UPDATE
When a folder is created, notify its creator	PASSBOLT_EMAIL_SEND_FOLDER_CREATED
When a folder is updated, notify the users who have access to it	PASSBOLT_EMAIL_SEND_FOLDER_UPDATED
When a folder is deleted, notify the users who had access to it	PASSBOLT_EMAIL_SEND_FOLDER_DELETED
When a folder is shared, notify the users who gain access to it	PASSBOLT_EMAIL_SEND_FOLDER_SHARE_CREATED
When permissions on a folder are removed, notify the users who lost access to it	PASSBOLT_EMAIL_SEND_FOLDER_SHARE_DROPPED

Similarly, for changing the email content visibility, you can use the following environment variables . They are all boolean and accepts 1 or 0. Setting the variable to 1 (one) will mean that information will be included in outgoing mails and setting it to 0 (zero) will result in not including that.

Show/Hide	Environment variable
Resource username	PASSBOLT_EMAIL_SHOW_USERNAME
Resource URI/URL	PASSBOLT_EMAIL_SHOW_URI
PGP encrypted password	PASSBOLT_EMAIL_SHOW_SECRET
Resource description	PASSBOLT_EMAIL_SHOW_DESCRIPTION
Comment content	PASSBOLT_EMAIL_SHOW_COMMENT

When using docker to set these environment variable you can pass them as arguments, like other variables such as the database name, for example:

$ docker run --name passbolt \
             -p 80:80 \
             -p 443:443 \
             -e PASSBOLT_EMAIL_SHOW_COMMENT=0 \
             -e PASSBOLT_EMAIL_SHOW_DESCRIPTION=0 \
             -e PASSBOLT_EMAIL_SEND_COMMENT_ADD=0 \
             -e PASSBOLT_EMAIL_SEND_PASSWORD_CREATE=0 \

Using config file

Email notification settings can also be managed by updating the config/passbolt.php file in your install directory. These settings live in the email key under passbolt.

'passbolt' => [
    'email' => [
        // For Email Delivery configs
        'send' => [
            'comment' => [
              'add' => false
            ],
            'password' => [
              'create' => false
            ]
        ],
        // For content visibility configs
        'show' => [
            'comment' => false,
            'description' => false
        ]
    ]
]

If a config variable does not exist in your config file, it’s default value will be picked.

You can use the following config variables to control the email delivery settings. They are all boolean and accepts true or false. Setting the variable to true will mean that email will be sent for that event and setting it false will ignore the event.

Event	Config variable
When a comment is posted on a password	passbolt.email.send.comment.add
When a password is created	passbolt.email.send.password.create
When a password is shared	passbolt.email.send.password.share
When a password is updated	passbolt.email.send.password.update
When a password is deleted	passbolt.email.send.password.delete
When a new user is invited	passbolt.email.send.user.create
When users try to recover their passbolt account	passbolt.email.send.user.recover
When a group is deleted	passbolt.email.send.group.delete
When a user is added to a group	passbolt.email.send.group.user.add
When a user is removed from a group	passbolt.email.send.group.user.delete
When user roles change in a group	passbolt.email.send.group.user.update
When members of a group change	passbolt.email.send.group.manager.update

Similarly, for changing the email content visibility, you can use the following config variables . They are all boolean and accepts true or false. Setting the variable to true will mean that information will be included in outgoing mails and setting it to false will result in not including that.

Show/Hide	Variable name
Resource username	passbolt.email.show.username
Resource URI/URL	passbolt.email.show.uri
PGP encrypted password	passbolt.email.show.secret
Resource description	passbolt.email.show.description
Comment content	passbolt.email.show.comment

How to configure email notification settings for your organization​

Passbolt events that trigger email notification​

Information that can be shown/hidden from the outgoing emails.​

Default behavior​

Configuring Email Notification Settings​

Using admin user interface​

Email Delivery​

Email content visibility​

Using Environment variables​

Using config file​