[keycloak-user] Defining a new user password through REST API
Rodrigo Sasaki
rodrigopsasaki at gmail.com
Tue Jul 1 07:35:08 EDT 2014
The idea is that we're working on an integration phase between our old
authentication code and keycloak.
The step in question is that whenever the user alters his information in
our old system, we'll send those alterations to keycloak already, so in
true effect I won't be changing the user's password, but I'd like to have
an API call to change his password on keycloak whenever he changes it on
our current system
On Tue, Jul 1, 2014 at 5:20 AM, Stian Thorgersen <stian at redhat.com> wrote:
> You can actually already do this if you want, both through endpoints and
> the admin console. You just need to set a temporary password and afterwards
> remove the update password required action. As Marek says though it doesn't
> really make sense to do so.
>
> ----- Original Message -----
> > From: "Marek Posolda" <mposolda at redhat.com>
> > To: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>,
> keycloak-user at lists.jboss.org
> > Sent: Tuesday, 1 July, 2014 8:07:36 AM
> > Subject: Re: [keycloak-user] Defining a new user password through REST
> API
> >
> > Hi,
> >
> > Is it good practice to define password for users this way? I assume that
> > usually just user himself should have access to his plain-text password
> and
> > be able to login with it?
> >
> > If you really need this, there is just endpoint
> >
> http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html
> > for reset password, which is also used by admin console, but user needs
> to
> > choose new password when login for the first time after reset. So I
> assume
> > that this is the possibility you are already aware of.
> >
> > But note that after this reset, you know user's temporary password, so
> you
> > can login with this temporary password and update password as user
> himself.
> > Then user doesn't need to do anything, you just need to say him his
> > password.
> >
> > Another possibility is to create new REST endpoint by yourself, which
> will
> > use model API to do exactly what you want. For example see this
> > https://github.com/keycloak/keycloak/tree/master/testsuite/tools which
> is
> > REST application for adding big number of new users. You can maybe use
> > something similar.
> >
> > Marek
> >
> >
> > On 1.7.2014 00:01, Rodrigo Sasaki wrote:
> >
> >
> >
> > Hello again!
> >
> > Is there a way for me to define a password for a user through the REST
> API
> > without him having to define a new one on the next login?
> >
> > The only method I found to be close to what I want was the one that
> resets
> > the password, but I would like to redefine it without the user having
> > anything to do with it.
> >
> > Is it possible?
> >
> > --
> > Rodrigo Sasaki
> >
> >
> > _______________________________________________
> > keycloak-user mailing list keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140701/a6d8865f/attachment.html
More information about the keycloak-user
mailing list