Help Search

How to configure email notification settings for your organization

Some actions in passbolt, such as a user sharing a password with someone else, trigger an email notification. As passbolt admin, you can control which events result in an email notification and which events are ignored. Similarly you can control whether or not a piece of information is included in those notification emails.

Passbolt events that trigger email notification

Event Recipients
When a comment is posted on a password. All the users having access to the given password.
When a password is created. The user creating the password.
When a password is shared. The users gaining access to the given password.
When a password is updated. All the users having access to the given password.
When a password is deleted. All the users who had access to the given password.
When a new user is invited. The invited user.
When users try to recover their passbolt account. The user trying to recover their account.
When a group is deleted. Group's members.
A user is added to a group. The user getting added.
A user is removed from a group. The user getting removed.
When user roles change in a group. The affected users.
When members of a group change. The group's manager.

Information that can be shown/hidden from the outgoing emails.

Config Show / Hide what
Username Resource username
URI Resource URI/URL
Encrypted Secret PGP encrypted password
Description Resource description
Comment Comment content

Default behavior

By default all the settings are true which means all the notifications are set to be broadcasted and all the information blocks are set to be shown.

Configuring Email Notification Settings

You can configure email notification settings using either the admin interface, config files or environment variables. If multiple settings providers are used the settings in the admin interface will override the one used in files. Similarly the settings in files will override environment variables.

Using admin user interface

Since v2.10 a user interface is provided for administrators to setup email notification settings. Click on “administration” in the top menu, then “Email Notifications” on the left menu.

The settings are divided into two sections.

Email Delivery

These settings control whether or not an email is sent on a given event.

Email Notification Settings - Email Delivery fig. Email Notification Settings - Email Delivery

Email content visibility

These settings control whether a piece of information is included in the emails sent.

Email Notification Settings - Email Content Visibility fig. Email Notification Settings - Email Content Visibility

Using Environment variables

You can use the following environment variables to control the email delivery settings. They are all boolean and accepts 1 or 0. Setting the variable to 1 (one) will mean that email will be sent for that event and setting it 0 (zero) will ignore the event.

Event Environment variable
When a comment is posted on a password. PASSBOLT_EMAIL_SEND_COMMENT_ADD
When a password is created. PASSBOLT_EMAIL_SEND_PASSWORD_CREATE
When a password is shared. PASSBOLT_EMAIL_SEND_PASSWORD_SHARE
When a password is updated PASSBOLT_EMAIL_SEND_PASSWORD_UPDATE
When a password is deleted PASSBOLT_EMAIL_SEND_PASSWORD_DELETE
When a new user is invited. PASSBOLT_EMAIL_SEND_USER_CREATE
When users try to recover their passbolt account. PASSBOLT_EMAIL_SEND_USER_RECOVER
When a group is deleted. PASSBOLT_EMAIL_SEND_GROUP_DELETE
A user is added to a group. PASSBOLT_EMAIL_SEND_GROUP_USER_ADD
A user is removed from a group. PASSBOLT_EMAIL_SEND_GROUP_USER_DELETE
When user roles change in a group. PASSBOLT_EMAIL_SEND_GROUP_USER_UPDATE
When members of a group change. PASSBOLT_EMAIL_SEND_GROUP_MANAGER_UPDATE

Similarly, for changing the email content visibility, you can use the following environment variables . They are all boolean and accepts 1 or 0. Setting the variable to 1 (one) will mean that information will be included in outgoing mails and setting it to 0 (zero) will result in not including that.

Show/Hide Environment variable
Resource username PASSBOLT_EMAIL_SHOW_USERNAME
Resource URI/URL PASSBOLT_EMAIL_SHOW_URI
PGP encrypted password PASSBOLT_EMAIL_SHOW_SECRET
Resource description PASSBOLT_EMAIL_SHOW_DESCRIPTION
Comment content PASSBOLT_EMAIL_SHOW_COMMENT

When you using docker to set these environment variable you can pass them as arguments, like other variables such as the database name, for example:

$ docker run --name passbolt \
             -p 80:80 \
             -p 443:443 \
             -e PASSBOLT_EMAIL_SHOW_COMMENT=0 \
             -e PASSBOLT_EMAIL_SHOW_DESCRIPTION=0 \
             -e PASSBOLT_EMAIL_SEND_COMMENT_ADD=0 \
             -e PASSBOLT_EMAIL_SEND_PASSWORD_CREATE=0 \

Using config file

Email notification settings can also be managed by updating the config/passbolt.php file in your install directory. These settings live in the email key under passbolt.

'passbolt' => [
    'email' => [
        // For Email Delivery configs
        'send' => [
            'comment' => [
              'add' => false
            ],
            'password' => [
              'create' => 'false'
            ]
        ],
        // For content visibility configs
        'show' => [
            'comment' => false,
            'description' => false
        ]
    ]
]

If a config variable doesn’t exist in your config file, it’s default value will be picked.

You can use the following config variables to control the email delivery settings. They are all boolean and accepts true or false. Setting the variable to true will mean that email will be sent for that event and setting it false will ignore the event.

Event Config variable
when a comment is posted on a password. passbolt.email.send.comment.add
when a password is created. passbolt.email.send.password.create
when a password is shared. passbolt.email.send.password.share
when a password is updated passbolt.email.send.password.update
when a password is deleted passbolt.email.send.password.delete
when a new user is invited. passbolt.email.send.user.create
when users try to recover their passbolt account. passbolt.email.send.user.recover
when a group is deleted. passbolt.email.send.group.delete
a user is added to a group. passbolt.email.send.group.user.add
a user is removed from a group. passbolt.email.send.group.user.delete
when user roles change in a group. passbolt.email.send.group.user.update
when members of a group change. passbolt.email.send.group.manager.update

Similarly, for changing the email content visibility, you can use the following config variables . They are all boolean and accepts true or false. Setting the variable to true will mean that information will be included in outgoing mails and setting it to false will result in not including that.

Show/Hide Variable name
Resource username passbolt.email.show.username
Resource URI/URL passbolt.email.show.uri
PGP encrypted password passbolt.email.show.secret
Resource description passbolt.email.show.description
Comment content passbolt.email.show.comment

Last updated

This article was last updated on May 22nd, 2019.

Are you experiencing issues with Passbolt Pro Edition?

Contact Pro support

or ask the community