[keycloak-user] Is it possible to update a Password using SAML

Dmitry Telegin dt at acutus.pro
Fri Oct 12 18:21:04 EDT 2018


Hi Michael,

SAML is a single sign-on protocol, not an identity management one. These notions are normally clearly separated in the IAM world.

So SAML definitely won't let you change passwords and manipulate other identity data, since it wasn't designed for this. SCIM [1] would be a perfect solution; unfortunately, it isn't implemented in Keycloak OOTB (however, there's an ongoing effort for that [2], so stay tuned).

Currently, the recommended way to manipulate identity data (including changing passwords) is to use the Keycloak Admin REST API [3].

[1] http://www.simplecloud.info/
[2] http://lists.jboss.org/pipermail/keycloak-dev/2018-August/011178.html
[3] https://www.keycloak.org/docs-api/4.5/rest-api/

Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training

Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro

On Wed, 2018-10-10 at 09:59 -0500, Michael Meier wrote:
> Hi all
> 
> Maybe it's a stupid question and that's maybe the reason I couldn't find 
> an answer for it on the internet.
> But is it possible that a service provider (in my case Nextcloud) uses 
> the SAML protocol to update the current user's password on the IdP 
> (Keycloak)?
> If yes, does Keycloak support that?
> 
> Thanks a lot for the information.
> 
> Michael Meier
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
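
The Admin REST API route recommended in the reply above, sketched as an added example; it is not part of the original thread and not Keycloak project code. The host, realm and client names are constructed, the client is assumed to be a confidential client whose service account holds only the realm-management `manage-users` role, and the `send` parameter is a hypothetical hook so the flow can be exercised offline.

```python
import json
import urllib.parse
import urllib.request

BASE = "https://sso.example.test/auth"  # constructed host; Keycloak 4.x serves under /auth
REALM = "demo"                           # constructed realm name

def token_request(client_id, client_secret):
    """Client-credentials grant for a confidential client whose service account
    holds only the realm-management 'manage-users' role (assumed setup)."""
    form = {"grant_type": "client_credentials",
            "client_id": client_id, "client_secret": client_secret}
    return urllib.request.Request(
        f"{BASE}/realms/{REALM}/protocol/openid-connect/token",
        data=urllib.parse.urlencode(form).encode(), method="POST")

def pick_exact_user(candidates, username):
    """The ?username= search can return partial matches, so require exactly
    one exact (case-insensitive) hit before touching any credential."""
    hits = [u for u in candidates if u["username"].lower() == username.lower()]
    if len(hits) != 1:
        raise LookupError(f"expected one user {username!r}, found {len(hits)}")
    return hits[0]["id"]

def reset_password_request(token, user_id, new_password, temporary=False):
    """PUT a CredentialRepresentation to the user's reset-password endpoint."""
    cred = {"type": "password", "value": new_password, "temporary": temporary}
    uid = urllib.parse.quote(user_id, safe="")
    return urllib.request.Request(
        f"{BASE}/admin/realms/{REALM}/users/{uid}/reset-password",
        data=json.dumps(cred).encode(), method="PUT",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})

def change_password(client_id, client_secret, username, new_password,
                    send=urllib.request.urlopen):
    """Token -> user lookup -> reset. 'send' is a hypothetical test hook."""
    def call(req):
        with send(req) as resp:
            raw = resp.read()
        return json.loads(raw) if raw else None
    token = call(token_request(client_id, client_secret))["access_token"]
    query = urllib.parse.urlencode({"username": username})
    users = call(urllib.request.Request(
        f"{BASE}/admin/realms/{REALM}/users?{query}",
        headers={"Authorization": f"Bearer {token}"}))
    user_id = pick_exact_user(users, username)
    call(reset_password_request(token, user_id, new_password))
    return user_id
```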

