Take the community feedback survey now.

Kristoffer Lindén
Dec 14, 2017
  18983
(12 votes)

Create Episerver admin user by code

After installing an Alloy site I forgot the username and password to login to Episerver and creating a local user and adding it to the Administrators group did not work for me. Maybe someone can tell me how that should work and be done!?

The old fashion way to create an Episerver user is described here:

https://world.episerver.com/blogs/Henrik-Fransas/Dates/2015/10/how-to-create-a-admin-user-through-code/

But that does not work in CMS 10 or 11 so I decided to write some code to create a user in CMS 11 and ended up with this:

[InitializableModule]
[ModuleDependency(typeof(EPiServer.Web.InitializationModule))]
public class EpiserverInitialization : IInitializableModule
{
    private static readonly string[] _roles = { "WebAdmins", "WebEditors" };        

    public void Initialize(InitializationEngine context)
    {
        using (UserStore<ApplicationUser> store = new UserStore<ApplicationUser>(new ApplicationDbContext<ApplicationUser>("EPiServerDB")))
        {
            //If there's already a user, then we don't need a seed
            if (!store.Users.Any(x => x.UserName == "sysadmin"))
            {
                var createdUser = CreateUser(store, "sysadmin", "p@ssword", "sysadmin@mysite.com");
                AddUserToRoles(store, createdUser, _roles);
                store.UpdateAsync(createdUser).GetAwaiter().GetResult();
            }                
        }
    }

    private ApplicationUser CreateUser(UserStore<ApplicationUser> store, string username, string password, string email)
    {
        //We know that this Password hasher is used as it's configured
        IPasswordHasher hasher = new PasswordHasher();
        string passwordHash = hasher.HashPassword(password);

        ApplicationUser applicationUser = new ApplicationUser
        {
            Email = email,
            EmailConfirmed = true,
            LockoutEnabled = true,
            IsApproved = true,
            UserName = username,
            PasswordHash = passwordHash,
            SecurityStamp = Guid.NewGuid().ToString()
        };

        store.CreateAsync(applicationUser).GetAwaiter().GetResult();

        //Get the user associated with our username
        ApplicationUser createdUser = store.FindByNameAsync(username).GetAwaiter().GetResult();
        return createdUser;
    }

    private void AddUserToRoles(UserStore<ApplicationUser> store, ApplicationUser user, string[] roles)
    {
        IUserRoleStore<ApplicationUser, string> userRoleStore = store;
        using (var roleStore = new RoleStore<IdentityRole>(new ApplicationDbContext<ApplicationUser>("EPiServerDB")))
        {
            IList<string> userRoles = userRoleStore.GetRolesAsync(user).GetAwaiter().GetResult();
            foreach (string roleName in roles)
            {
                if (roleStore.FindByNameAsync(roleName).GetAwaiter().GetResult() == null)
                {
                    roleStore.CreateAsync(new IdentityRole { Name = roleName }).GetAwaiter().GetResult();
                }
                if (!userRoles.Contains(roleName))
                    userRoleStore.AddToRoleAsync(user, roleName).GetAwaiter().GetResult();
            }
        }
    }

    public void Uninitialize(InitializationEngine context)
    {
    }

    public void Preload(string[] parameters)
    {
    }
}

After this code is run I can login with the created sysadmin user.

/Kristoffer

Dec 14, 2017

Comments

Henrik Fransas
Henrik Fransas Dec 14, 2017 03:52 PM

Thanks for the updated version!

Praful Jangid
Praful Jangid Jun 18, 2019 11:49 AM

I would like to suggest here that, the simple password that do not meet the minimum level of security (like we need one caps and one small letter and numeric and special character. for example "password") will not be accepted as password and you will not be able to figure out the issue that why you are not able to login even entering the correct username and password.

I just faced the issue. Therefore, try to follow the security parameters. (example "Simple123#")

Thanks for blog, best regards

Praful Jangid

Kevin Candlert
Kevin Candlert Mar 26, 2024 09:21 PM

I made a quick and dirty upgrade to CMS 12:

[InitializableModule]
[ModuleDependency(typeof(EPiServer.Web.InitializationModule))]
public class EpiserverInitialization : IInitializableModule
{
    private static readonly string[] _roles = { "WebAdmins", "WebEditors" };

    public void Initialize(InitializationEngine context)
    {
        var appUserManager = context.Locate.Advanced.GetService<ApplicationUserManager<ApplicationUser>>();
        var roleManager = context.Locate.Advanced.GetService<RoleManager<IdentityRole>>();
        var sysAdminExists = appUserManager.Users.ToList().Any(x => x.UserName == "sysadmin");
        if(!sysAdminExists)
        {
            var newUser = CreateUser(appUserManager, "sysadmin", "Simple123#", "noreply@mysite.com");
            AddUserToRoles(appUserManager, roleManager, newUser, _roles);
            appUserManager.UpdateAsync(newUser).GetAwaiter().GetResult();
        }
    }

    private ApplicationUser CreateUser(ApplicationUserManager<ApplicationUser> store, string username, string password, string email)
    {
        ApplicationUser applicationUser = new ApplicationUser
        {
            Email = email,
            EmailConfirmed = true,
            LockoutEnabled = true,
            IsApproved = true,
            UserName = username,
            SecurityStamp = Guid.NewGuid().ToString()
        };
        IPasswordHasher<ApplicationUser> hasher = store.PasswordHasher;
        string passwordHash = hasher.HashPassword(applicationUser, password);
        applicationUser.PasswordHash = passwordHash;

        store.CreateAsync(applicationUser).GetAwaiter().GetResult();

        //Get the user associated with our username
        ApplicationUser createdUser = store.FindByNameAsync(username).GetAwaiter().GetResult();
        return createdUser;
    }

    private void AddUserToRoles(ApplicationUserManager<ApplicationUser> store, Microsoft.AspNetCore.Identity.RoleManager<IdentityRole> roleManager, ApplicationUser user, string[] roles)
    {
        using (roleManager)
        {
            IList<string> userRoles = store.GetRolesAsync(user).GetAwaiter().GetResult();
            foreach (string roleName in roles)
            {
                if (roleManager.FindByNameAsync(roleName).GetAwaiter().GetResult() == null)
                {
                    roleManager.CreateAsync(new IdentityRole { Name = roleName }).GetAwaiter().GetResult();
                }
                if (!userRoles.Contains(roleName))
                    store.AddToRoleAsync(user, roleName).GetAwaiter().GetResult();
            }
        }
    }

    public void Uninitialize(InitializationEngine context)
    {
    }

    public void Preload(string[] parameters)
    {
    }
}

Praful
Praful Jul 20, 2024 01:10 AM

Thanks for sharing Kevin, this saved my day.

Again, thanks to Kristoffer too.

Please login to comment.
Latest blogs
A day in the life of an Optimizely OMVP - Creating a blazor add-on for CMS 12

Hello and welcome to another instalment of a day in the life of an Optimizely OMVP. In this post I will be covering how to create a blazor based...

Graham Carr | Oct 14, 2025

AI Tools, MCP, and Function Calling for Optimizely

You can now integrate AI Tools, Model Context Protocol (MCP), and function calling with Optimizely CMS, allowing editors to engage with actual,...

Luc Gosso (MVP) | Oct 14, 2025 |

Optimizely Forms : Setup, Configuration and Submission

I have exploring Optimizely Forms recently –  Installed NuGet package to enable Optimizely Forms, created a Contact Us Form and placed in a landing...

Madhu | Oct 13, 2025 |

Building a Discovery-First MCP for Optimizely CMS – Part 1 of 4

This post kicks off a four-part series on how we’re evolving the Optimizely Model Context Protocol (MCP). The project is still in beta and open...

Johnny Mullaney | Oct 13, 2025 |