[keycloak-user] I have a question about the flow behind the link in the execute-actions-email
robrecht anrijs
robrecht.anrijs+keycloak at gmail.com
Mon Mar 11 08:39:19 EDT 2019
Hi,
I've recently upgraded from keycloak 3.2.1 to 3.4.3.
I've noticed that there is change in the link that is generated in the
email. If such a mail is send with the rest-api execute-actions-email with
'UPDATE_PASSWORD' and with 'VERIFY_EMAIL'
A user (in 3.4.3) get's now the info-page, and has to click on the link
'Click here to proceed', instead of going directly to the
update-password-screen.
I've seen in the sourcecode of ExecuteActionsActionTokenHandler#handleToken
that this done on purpose.
My questions:
- why is this done? is this an oauth rule that I'm missing?
- Is it possible to prevent this extra click?
-- So yes: how
-- So no: What is the correct explanation for this feature? So I can
explain this to my customer and he understands this extra page-click.
Thx for the answers,
Kind regards,
Robrecht
More information about the keycloak-user
mailing list