Locked-Out Recovery

Use this flow when you cannot log in and the email-based password reset is not delivering. You will need the recovery token currently set on the deploy host (ADMIN_RECOVERY_TOKEN).

This endpoint is disabled by default. If the token is not configured on the server, recovery requests return 404. After regaining access, rotate the token to prevent reuse.
Back to ARIA

Recovery Reset

Use your server-side recovery token to set a new password