[keycloak-user] Email-Event UPDATE-PASSWORD

GARDAIS Ionel ionel.gardais at tech-advantage.com
Thu Nov 8 14:04:48 EST 2018


Hi Gregor,

I had the same questioning about other email-events.
My guess is that not verified email could be wrong and than lead to keycloak spamming the world.
It would be useless implement and maintain bounce logic whereas there is a verification process available, and thus to use a verified email for this purpose.

One may ask : should verified-email be reconfirmed on a periodic schedule so abandoned addresses be unused ?

-- 
Ionel GARDAIS
Tech'Advantage CIO - IT Team manager

----- Mail original -----
De: "Gregor Tudan" <Gregor.Tudan at cofinpro.de>
À: "keycloak-user" <keycloak-user at lists.jboss.org>
Envoyé: Jeudi 8 Novembre 2018 11:30:47
Objet: [FGTSPAM] [keycloak-user] Email-Event UPDATE-PASSWORD

Hi,

We’re trying to send an email to a user if his/her password was changed. The Email-Event UPDATE-PASSWORD looks exactly like what we want.

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/events/email/EmailEventListenerProvider.java <https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/events/email/EmailEventListenerProvider.java>

There’s one catch: the email seems to only get sent if the user has a verified email address. Email-Verification is not activated on the realm.
Is there a reason why email-verification is required for those emails?

Thanks,
Gregor

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON
Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301




More information about the keycloak-user mailing list