You can link to the account page with the following link:
https://<KEYCLOAK SERVER>/auth/realms/<REALM NAME>/account
You can also have an option to get a link back to your application by adding either
referrer or referrer_uri query param:
* referrer - your applications id (this requires "Default Redirect URL" to be
set for your application)
* referrer_uri - the uri to return to (this requires referrer_uri to be a valid redirect
uri for your application)
We do this in the admin console, so you can look at how it works there. Login to the admin
console, click on your username in the top-right corner, and click on 'Manage
account'. In the account management there's now in the top-right corner 'Back
to security-admin-console'. If you try edit the url to remove
'?referrer=security-admin-console' you'll see this link is no longer there.
I've got no idea what validation you're talking about that that checks the
referrer is the same as the server. Maybe it's the fact that for an update (post) we
only allow a post originating from the Keycloak server? That doesn't stop you from
linking to the account page, but it stops you from posting to it.
----- Original Message -----
From: "Rodrigo Sasaki" <rodrigopsasaki(a)gmail.com>
To: keycloak-user(a)lists.jboss.org
Sent: Wednesday, 8 October, 2014 11:29:17 PM
Subject: [keycloak-user] Link to Account Page
Hello,
I am trying to create a link on our application to go directly to Keycloak's
Account Page, so the user can alter his information, but it doesn't work.
I saw that there is a validation that assures that the referrer is the same
as the server, for example: I can only access the account app inside my
localhost:8080 if the referrer is also in localhost:8080.
Is it supposed to be like this? Is there a way for me to create a hyperlink
from my application directly to Keycloak's Account Page? Given that my own
application is secured by Keycloak, I think it should be possible.
Is this the correct behavior?
Thanks again!
--
Rodrigo Sasaki
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user