Cannot find any credential after installation

Issues
1

Issue Description

I successfully enter the bootstrap mode (without using systemd to catch stdout quickly) with stalwart --config=/my/path/to/config/file.
Everything go well until the final webpage.

I get a webpage containing:

Setup complete
Stalwart has been configured successfully.

Next step: restart Stalwart for the new configuration to take effect. Once restarted, sign in with the credentials above to continue administering your server.

But I don’t see any credential below. I’m connecting with http://my.domain.com/admin.

Expected Behavior

See the credential before the note, in the webpage.

Actual Behavior

I can share the HTML code if needed. But I don’t find any credential. At least a way to catch, specify or change my credential.

Reproduction Steps

  1. Start Stalwart in bootstrap mode
  2. Complete the installation process and click finish
  3. No credential in the webpage

Stalwart Version

v0.16.x

Installation Method

Binary (Linux)

Database Backend

RocksDB

Blob Storage

RocksDB

Search Engine

Internal

Directory Backend

LDAP

I have reviewed the documentation and FAQ and confirm that my issue is NOT addressed there.

on

I have searched this support forum (open and closed topics) and confirm this is not a duplicate.

on

I understand that topics in this category are triaged by a bot first but a human reply will follow up. If I’d prefer a human-only reply, I’ll add the no-ai tag to my topic.

on

2

Let me look into this issue with the bootstrap setup credentials.

The temporary admin credentials (username admin + a random 16-character password) are printed to standard error at startup, not on the final “Setup complete” webpage. The wizard’s completion screen only tells you to restart – it never re-displays the password. You need to retrieve it from the startup output you already captured.

Since you ran Stalwart manually with stalwart --config=..., the credentials were printed to stderr in that terminal session at the very start (before the wizard). Look for a block like this in that terminal output:

════════════════════════════════════════════════════════════
🔑 Stalwart bootstrap mode - temporary administrator account

   username: admin
   password: XXXXXXXXXXXXXXXX
...
════════════════════════════════════════════════════════════

If you missed it, you have a couple of options:

  1. Stop Stalwart, delete the generated config/database, and re-run the binary – it will regenerate a new bootstrap password on the next fresh start.
  2. Pre-set credentials before starting: edit /etc/stalwart/stalwart.env (or the equivalent env file for your setup), uncomment the STALWART_RECOVERY_ADMIN line, and set your desired username and password. On the next start, those fixed credentials will be used instead of a random one.

See the full details in the Linux installation docs.

This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong.

3

I’m talking about the final password. I found the temporary password without any issue.

4

Let me look into this issue with the bootstrap/setup wizard credentials display.

This is expected behavior when you choose an external directory (LDAP in your case) during the setup wizard. No credentials are shown on the final screen because your administrator account lives in LDAP, not locally in Stalwart, and it doesn’t exist locally until after a first sign-in.

Here is the documented procedure to get admin access (“External directory promotion”):

  1. Keep STALWART_RECOVERY_ADMIN=<username>:<password> set in the service environment (e.g. /etc/stalwart/stalwart.env). This is the temporary bootstrap credential you used to run the wizard. It stays valid while the server runs normally – no recovery mode needed.

  2. Restart Stalwart so the new wizard configuration takes effect.

  3. Sign in once with your LDAP account through the WebUI. Any successful authentication against LDAP provisions that account locally in Stalwart.

  4. In a separate browser session, sign in as the recovery admin (the STALWART_RECOVERY_ADMIN credentials) and assign the administrator role to the newly provisioned LDAP account, either through the WebUI or the CLI.

  5. Confirm the promoted account can log in as administrator.

  6. Remove STALWART_RECOVERY_ADMIN from the service environment and restart the server to close that backdoor credential.

The “credentials above” message in the WebUI only applies when the internal directory is used; with LDAP/OIDC/SQL, the credentials block intentionally does not appear.

Full details: Linux installation guide - External directory promotion

This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong.