Re: [keycloak-dev] Application Initiated Action

An AIA is initiated with an auth request.  So before the AIA runs, any required actions set by the admin will run. Is that OK or should we skip any other required action? I think it definitely makes sense if you are logging in to do the AIA.  For instance, admin wants user to update his profile.  User does an AIA for change password, but he is not logged in. 0) User is presented with login screen and logs in. 1) User is presented with "update profile" screen. 2) User is presented with "change password screen. 3) User is redirected back to his app. User does an AIA for change password, but he is already logged in.: 1) User is presented with "update profile" screen. 2) User is presented with "change password screen. 3) User is redirected back to his app. Is that OK, or should step 1 be skipped in the second scenario? On 5/6/2019 2:50 AM, Stian Thorgersen wrote: