7:20 a.m.
Hello all,
I have a question regarding re-sending of verification emails.
Is it somehow possible to configure how often can the user request a
re-send?
As far as I looked, currently there is no check when the last re-send was
requested, which allows a third party to spam "click" the resend button and
cause problems on the mail server.
Thanks in advance,
Viktor
9:13 a.m.
Hello Viktor,
I'm afraid this is not out-of-the-box in Keycloak, but the good news is that you can
implement it yourself.
Create a RequiredActionProvider by extending
org.keycloak.authentication.requiredactions.VerifyEmail, override processAction() and
implement the necessary throttling. You can store the timestamp of the last re-send as a
user attribute.
I'd also suggest that you create a JIRA ticket so that this feature gets included into
upstream Keycloak.
Good luck,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Wed, 2018-11-21 at 14:20 +0100, Viktor Chuchurski wrote:
Hello all,
I have a question regarding re-sending of verification emails.
Is it somehow possible to configure how often can the user request a
re-send?
As far as I looked, currently there is no check when the last re-send was
requested, which allows a third party to spam "click" the resend button and
cause problems on the mail server.
Thanks in advance,
Viktor
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2222
days inactive
2222
days old
1 comments
2 participants
participants (2)
-
Dmitry Telegin -
Viktor Chuchurski