[keycloak-user] Admin client

Bruno Palermo palermo at pobox.com
Thu Apr 21 08:42:11 EDT 2016 

It's aimed for users on our front-end integration, so we don't need to create a new theme since we don't need all the available options from the account-management page.

So if the user has a valid access token with manage account role, he will be able to make request to manage account API directly?

Date: Thu, 21 Apr 2016 07:31:06 +0200
From: sthorger at redhat.com
To: guus.der.kinderen at gmail.com
CC: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Admin client

-1 That will create a user session. Add login events, etc.. It's messy..
What's the purpose of the REST API? Is it aimed at admins? If so they shouldn't know the users password in the first place. If it's aimed at users themselves make sure they have a valid access token with the manage account role.
On 21 April 2016 at 07:23, Guus der Kinderen <guus.der.kinderen at gmail.com> wrote:
Quick-and-dirty workaround: try to authenticate as the user. That will either succeed, or fail, which tells you if the provided password was correct.
On 21 Apr 2016 06:43, "Marek Posolda" <mposolda at redhat.com> wrote:

  
    
  
  
    I think the admin client doesn't
      support this. If you are admin and you want to reset password of
      some user, you are not supposed to know the password of user
      anyway. Keycloak admin console also doesn't need to know existing
      user password when you want to reset password of user.

      

      Marek

      

      

      On 21/04/16 00:48, Bruno Palermo wrote:

    
    
      
      Hi,

        

        I'm trying to implement a REST API for some basic user actions,
        like change password and would like to know if there's any way
        to validate the current user password before reset his password
        using the provide java API.

        

        Thanks,

        Bruno

      
      

      
      

      _______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
    
    

  


_______________________________________________

keycloak-user mailing list

keycloak-user at lists.jboss.org

https://lists.jboss.org/mailman/listinfo/keycloak-user


_______________________________________________

keycloak-user mailing list

keycloak-user at lists.jboss.org

https://lists.jboss.org/mailman/listinfo/keycloak-user



_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160421/ee7ffb6a/attachment.html

More information about the keycloak-user mailing list