Admin login after upgrade to v16

Your question

Upgraded fine to v16
My main email account is working fine. It was the “admin” account before
I now cannot access any admin functions

root paths
/opt/stalwart/bin/stalwart-foundationdb
/opt/stalwart/bin/settings.json
/opt/stalwart/bin/stalwart.env
/opt/stalwart/etc/config.json (literally has the word foundationdb and thats it)

If I goto https://mail.mydomain.com I get the following error,
{
“type”: “about:blank”,
“status”: 404,
“title”: “Not Found”,
“detail”: “The requested resource does not exist on this server.”
}

If I goto http://mail.mydomain.ca:8080/admin/login
I can log in using my original email account, but it has NO admin permissions now
If I try to use the recovery mode it says invalid username or password. Please try again

My Stalwart Service file
/etc/systemd/system/stalwart.service

[Service]
Type=simple
LimitNOFILE=65536
KillMode=process
KillSignal=SIGINT
Restart=on-failure
RestartSec=5
ExecStart=/opt/stalwart/bin/stalwart-foundationdb --config=/opt/stalwart/etc/config.json
EnvironmentFile=/opt/stalwart/bin/stalwart.env
SyslogIdentifier=stalwart
User=stalwart
Group=stalwart
AmbientCapabilities=CAP_NET_BIND_SERVICE

What am I doing wrong or missing. Its gotta be something right in front of my face.
I can send and receive emails no problem. All data is there. I just can’t get in as admin

I understand that topics in this category are triaged by a bot first but a human reply will follow up. If I’d prefer a human-only reply, I’ll add the no-ai tag to my topic.

on

There are two separate issues here. Let me address both:

Issue 1: Your account has no admin permissions

After the upgrade, Stalwart’s authorization model changed. There is no longer a special “admin account type” – administrative capabilities are now granted by assigning permissions or roles to a regular account. Your existing email account simply didn’t get the admin role assigned during the upgrade, which is why you can log in but have no admin functions.

Issue 2: Recovery mode login failing

The recovery mode login (STALWART_RECOVERY_ADMIN) requires you to have set that environment variable explicitly – it is not automatic. The username/password you enter must match exactly what is set in STALWART_RECOVERY_ADMIN=username:password in your service environment. Your stalwart.env file (at /opt/stalwart/bin/stalwart.env) is where you need to set it.

How to fix this

Step 1: Edit /opt/stalwart/bin/stalwart.env and add a line like:

STALWART_RECOVERY_ADMIN=recoveryadmin:SomeStrongPassword123

Step 2: Restart the service:

systemctl restart stalwart

Step 3: Navigate to http://mail.mydomain.ca:8080/admin/login and log in using the username recoveryadmin and the password you just set. The recovery admin credential bypasses the directory and works while the server is running normally – you do not need to enable recovery mode separately for this.

Step 4: Once logged in as the recovery admin, go to your main email account in the WebUI and assign it the admin role (under the account’s permissions/roles settings).

Step 5: Verify you can log in as your main account with full admin access.

Step 6 (important!): Remove the STALWART_RECOVERY_ADMIN line from stalwart.env and restart the service again. This backdoor credential must not be left permanently set in production.

Regarding the 404 at https://mail.mydomain.com – that is likely a reverse proxy routing issue unrelated to the login problem. Once admin access is restored, you can check your HTTP/HTTPS listener and proxy configuration.

References:

• Recovery mode and recovery administrator
• Administrators and roles

This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong. If you found it useful, mention @helpbot in any reply to ask follow-up questions and the bot will respond again.

Everything working now