----- Original Message -----
From: "Stan Silvert" <ssilvert(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Friday, 22 May, 2015 2:46:59 PM
Subject: [keycloak-dev] Reset admin password
> We need a way to reset the admin password in case it is lost or
> hijacked. The proposal is to do that through an operation on the
> keycloak-server-subsystem that only runs in "offline CLI" mode.
>
> First, we currently allow you to delete the admin user. Should we
> disallow that and make the master admin user permanent?

Interesting question - quick answer, not sure!

There are all sorts of things that can be deleted that'll currently screw things up
royally! For example deleting admin related roles and clients. Created
https://issues.jboss.org/browse/KEYCLOAK-1340 for this.

For admin user maybe rather than a reset admin password option, we should have a reset
admin account option?

> Should the new operation only work on the master admin password or can
> it be applied to any user in any realm?

+1 To just admin