----- Original Message -----
From: "Stan Silvert" <ssilvert(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Monday, 20 July, 2015 1:50:25 PM
Subject: [keycloak-dev] How should reset-password-email work?
I'm looking into KEYCLOAK-1543 [1], which concerns the REST API for
reset-password-email [2]. I want to make sure I understand how this is
meant to work.
You make a call to send the user a reset-password email. And you
specify a client id and a redirect uri. I assume the redirect uri is
the place the user is sent after he changes his password? (via a link
he clicks to continue)
Right now, it looks like the code is checking the client config to make
sure that the redirect uri is included in the client's "valid redirect
uri's". So if redirect uri is specified then client id is also required?
The problem is that currently, the redirect uri is ignored and the user
is always sent to the base uri of the client.
Actually I don't think it should be possible to specify a redirect uri for this
endpoint. The endpoint is intended for an admin to send a login link to a user and so it
can't be part of a login flow. As it's not for a login flow it doesn't make
sense to use a redirect uri. Instead it should just be able to specify client and have the
user sent to the base uri of the client.
Please let me know if any of the above is incorrect. I want to make
sure I have this right as I fix it and update the documentation.
[1] https://issues.jboss.org/browse/KEYCLOAK-1543
[2] http://keycloak.github.io/docs/rest-api/admin/realms/%7Brealm%7D/users/%7...
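The two behaviours discussed in this thread (a redirect uri checked against the client's valid redirect uris, and the fallback to the client's base uri), as an added example that is not part of the original messages and is not Keycloak's code. The class and method names, the parameters, the `/*` suffix pattern syntax and all sample URLs are assumptions made for illustration.

```java
import java.net.URI;
import java.util.List;

// Added illustration; not Keycloak source. All names here are hypothetical.
public class ResetEmailTarget {

    /** Returns where the emailed link may send the user, or throws if the request is unacceptable. */
    static String resolveTarget(String clientId, String baseUrl,
                                List<String> validRedirectUris, String redirectUri) {
        if (redirectUri == null) {
            return clientId == null ? null : baseUrl; // no client: no link back to an application
        }
        if (clientId == null) {
            throw new IllegalArgumentException("redirect_uri requires client_id");
        }
        URI uri = URI.create(redirectUri); // throws IllegalArgumentException on malformed input
        String scheme = uri.getScheme();
        boolean web = "https".equalsIgnoreCase(scheme) || "http".equalsIgnoreCase(scheme);
        // Refuse dot segments, including percent-encoded ones (getPath() decodes them).
        String path = uri.getPath() == null ? "" : uri.getPath();
        if (!web || uri.getHost() == null || (path + "/").contains("/../")) {
            throw new IllegalArgumentException("redirect_uri rejected");
        }
        for (String allowed : validRedirectUris) {
            // Assumed pattern syntax: an exact string, or a prefix ending in "/*".
            boolean match = allowed.endsWith("/*")
                    ? redirectUri.startsWith(allowed.substring(0, allowed.length() - 1))
                    : redirectUri.equals(allowed);
            if (match) return redirectUri;
        }
        throw new IllegalArgumentException("redirect_uri not registered for " + clientId);
    }

    public static void main(String[] args) {
        // Constructed sample configuration and requests.
        List<String> valid = List.of("https://app.example.com/account/*", "https://app.example.com/done");
        String[] requests = {
            null,                                              // falls back to the base uri
            "https://app.example.com/account/profile",         // matches the /* pattern
            "https://app.example.com.attacker.example/account/", // look-alike host
            "https://app.example.com/account/%2e%2e/admin",    // encoded dot segment
        };
        for (String r : requests) {
            try {
                System.out.println(r + " -> " + resolveTarget("my-app", "https://app.example.com/", valid, r));
            } catch (IllegalArgumentException e) {
                System.out.println(r + " -> refused (" + e.getMessage() + ")");
            }
        }
    }
}
```

Because the prefix kept for a `/*` pattern ends in `/`, a look-alike host such as the third sample cannot satisfy it; a pattern ending in a bare `*` would not give that guarantee.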