[keycloak-user] RESET_PASSWORD_ERROR incorrect clientId

Dan Neville danneville at benefex.co.uk
Tue Jun 26 11:19:54 EDT 2018 

Hello,

I am currently experiencing some issues with resetting credentials via Keycloak. I've experienced this with both 3.4.0 and 4.0.0.

We have the "account" client disabled because we do not want a user to have access to changing any of their details other than the password as we saw here http://lists.jboss.org/pipermail/keycloak-user/2017-September/011873.html.

We have another two clients "web" and "mobile" which we use.

When we request a reset with client_id set to "web" (http://localhost/auth/realms/my-realm/login-actions/reset-credentials?client_id=web&tab_id=qiXxI3vZsS4) an email is sent, I click on the link and I can correctly reset my password.

However when I reset with client_id set to "mobile" (https://localhost/auth/realms/my-realm/login-actions/reset-credentials?client_id=mobile&tab_id=x1Vo0t9PD4o) an email is sent, I click on the link and I get a page which says "Login requester not availble" and the log line seen is:

14:25:42,543 WARN  [org.keycloak.events] (default task-70) type=RESET_PASSWORD_ERROR, realmId=my-realm, clientId=account, userId=d4486f3c-ac49-49da-aecf-8898d80f59b7, ipAddress=X.X.X.X, error=client_not_found, reason=loginRequesterNotEnabledMessage, auth_method=openid-connect, token_id=1c9a2709-2902-496b-9e2c-90cdb4404374, action=reset-credentials, response_type=code, redirect_uri=http://localhost/auth/realms/my-realm/account/, remember_me=false, code_id=7ac6953f-a943-473c-b333-e526202c9793, response_mode=query

In the log line I can see that it is trying to use the "account" client id which is disabled, so I understand this is why I'm getting the error. However I'm not sure why it is trying to use the "account" client id.

What reasons could there be for the client_id with "mobile" acting differently?

Many Thanks

Dan




 [Benefex Logo]

Dan Neville
Senior Backend Engineer




hellobenefex.com<https://www.benefex.co.uk>
[https://s3-eu-west-1.amazonaws.com/commsmedia-bucket/images/benefex/social+LinkedIn.png]<https://www.linkedin.com/company/hellobenefex> [Twitter] <https://twitter.com/hellobenefex>

Benefex Ltd, Mountbatten House, , Southampton, SO15 2JU. Registered Number: 04768546
As the sender of this email, we hope that you are the intended addressee and that you are having a nice day. Please take a moment to note that this message may contain information that is confidential or privileged and exempt from disclosure under applicable law. If this wasn't meant for your eyes, please do take the time to let us know and delete this message from all data storage systems. You should also note that the disclosure or copying of this email, or the use of its contents, is prohibited. Thank you!


This message has been scanned for malware by Websense. www.websense.com

More information about the keycloak-user mailing list