<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>It's aimed for users on our front-end integration, so we don't need to create a new theme since we don't need all the available options from the account-management page.<br><br>So if the user has a valid access token with manage account role, he will be able to make request to manage account API directly?<br><br><div><hr id="stopSpelling">Date: Thu, 21 Apr 2016 07:31:06 +0200<br>From: sthorger@redhat.com<br>To: guus.der.kinderen@gmail.com<br>CC: keycloak-user@lists.jboss.org<br>Subject: Re: [keycloak-user] Admin client<br><br><div dir="ltr">-1 That will create a user session. Add login events, etc.. It's messy..<div><br></div><div>What's the purpose of the REST API? Is it aimed at admins? If so they shouldn't know the users password in the first place. If it's aimed at users themselves make sure they have a valid access token with the manage account role.</div></div><div class="ecxgmail_extra"><br><div class="ecxgmail_quote">On 21 April 2016 at 07:23, Guus der Kinderen <span dir="ltr"><<a href="mailto:guus.der.kinderen@gmail.com" target="_blank">guus.der.kinderen@gmail.com</a>></span> wrote:<br><blockquote class="ecxgmail_quote" style="border-left:1px #ccc solid;padding-left:1ex;"><p dir="ltr">Quick-and-dirty workaround: try to authenticate as the user. That will either succeed, or fail, which tells you if the provided password was correct.</p><div class="ecxHOEnZb"><div class="h5">
<div class="ecxgmail_quote">On 21 Apr 2016 06:43, "Marek Posolda" <<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>> wrote:<br><blockquote class="ecxgmail_quote" style="border-left:1px #ccc solid;padding-left:1ex;">
<div>
<div>I think the admin client doesn't
support this. If you are admin and you want to reset password of
some user, you are not supposed to know the password of user
anyway. Keycloak admin console also doesn't need to know existing
user password when you want to reset password of user.<br>
<br>
Marek<br>
<br>
<br>
On 21/04/16 00:48, Bruno Palermo wrote:<br>
</div>
<blockquote>
<div dir="ltr">Hi,<br>
<br>
I'm trying to implement a REST API for some basic user actions,
like change password and would like to know if there's any way
to validate the current user password before reset his password
using the provide java API.<br>
<br>
Thanks,<br>
Bruno<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
keycloak-user mailing list
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div>
</div></div><br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
<br>_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user</div> </div></body>
</html>