[keycloak-user] Password Expiration not applied to Token

Stian Thorgersen stian at redhat.com
Thu Sep 10 15:30:56 EDT 2015


The direct grant shouldn't return any tokens if there are required actions, so this is a bug. Can you create a bug report please?

----- Original Message -----
> From: "Chris Atkinson" <atgnatus at yahoo.com>
> To: keycloak-user at lists.jboss.org
> Sent: Wednesday, 9 September, 2015 5:54:02 PM
> Subject: [keycloak-user] Password Expiration not applied to Token
> 
> 
> Hi,
> 
> We have set a password policy to have passwords expire after a number of
> days. This works fine through the Keycloak login screen. However, when we
> use the REST API to do a direct grant (we call
> '/protocol/openid-connect/token' on Keycloak 1.3.1) a valid token is
> returned even after the password has expired.
> 
> This does not seem like the correct behavior. Is there an issue here?
> 
> Thanks,
> Chris