5:16 p.m.
Hi
As part of my Keycloak implementation, I would like to offer user self service, e.g.
change password.
I do not wish to theme the built-in user account dashboard, but instead build the
functionality directly into our website.
We are already using the Admin API for user administration, but as I understand it, it
would not be appropriate to use this for actions which are actually being carried out by
the end user. The auditing would be incorrect, and certain functionality is unavailable
anyway - for example, whilst we could set a new user password via the Admin API, we would
have no way of verifying that the existing user password is correct (we want the user to
provide existing and new, as per the user account dashboard).
As such, is the correct approach to this for us to extend KeyCloak with a set of custom
REST endpoints to be called by an end user rather than an admin? They will be
authenticated at this point so we will be able to pass down their access token for the
authentication.
If so, I assume I should be following the instructions under "Add custom REST
endpoints" detailed at the following URL?
https://www.keycloak.org/docs/3.0/server_development/topics/extensions.html
Extending Server | Keycloak
Documentation<https://www.keycloak.org/docs/3.0/server_development/top...
This is a very powerful extension, which allows you to deploy your own REST endpoints to
the Keycloak server. It enables all kinds of extensions, for example the possibility to
trigger functionality on the Keycloak server, which is not available through the default
set of built-in Keycloak REST endpoints.
www.keycloak.org
Thanks
William
12:22 p.m.
We are working on account management REST API. Some of it's already
available in master and the remaining functionality will come in the next
few releases.
On Thu, 30 Aug 2018 at 17:47, William Jones <william_jones20(a)outlook.com>
wrote:
Hi
As part of my Keycloak implementation, I would like to offer user self
service, e.g. change password.
I do not wish to theme the built-in user account dashboard, but instead
build the functionality directly into our website.
We are already using the Admin API for user administration, but as I
understand it, it would not be appropriate to use this for actions which
are actually being carried out by the end user. The auditing would be
incorrect, and certain functionality is unavailable anyway - for example,
whilst we could set a new user password via the Admin API, we would have no
way of verifying that the existing user password is correct (we want the
user to provide existing and new, as per the user account dashboard).
As such, is the correct approach to this for us to extend KeyCloak with a
set of custom REST endpoints to be called by an end user rather than an
admin? They will be authenticated at this point so we will be able to pass
down their access token for the authentication.
If so, I assume I should be following the instructions under "Add custom
REST endpoints" detailed at the following URL?
https://www.keycloak.org/docs/3.0/server_development/topics/extensions.html
Extending Server | Keycloak Documentation<
https://www.keycloak.org/docs/3.0/server_development/topics/extensions.html
>
This is a very powerful extension, which allows you to deploy your own
REST endpoints to the Keycloak server. It enables all kinds of extensions,
for example the possibility to trigger functionality on the Keycloak
server, which is not available through the default set of built-in Keycloak
REST endpoints.
www.keycloak.org
Thanks
William
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
2062
days inactive
2066
days old
1 comments
2 participants
participants (2)
-
Stian Thorgersen -
William Jones