Re: [keycloak-user] User old password verification via REST admin api

If you already have the username and old password that you want to check, I just attempt to retrieve an access token. If it works, you know the old password is correct, then you can proceed in changing the password. POST - /auth/realms/{realm}/protocol/openid-connect/token headers.set("content-type", "application/x-www-form-urlencoded"); headers.set("accept", "application/json"); body.add("grant_type", “password”) body.add("username", username); body.add("password", password); body.add(“client_id”, {clientId}) From: <keycloak-user-bounces(a)lists.jboss.org&gt; on behalf of Stian Thorgersen <sthorger(a)redhat.com&gt; Reply-To: &quot;stian(a)redhat.com&quot; <stian(a)redhat.com&gt; Date: Monday, March 21, 2016 at 10:11 PM To: Adrian Matei <adrianmatei(a)gmail.com&gt; Cc: keycloak-user <keycloak-user(a)lists.jboss.org&gt; Subject: Re: [keycloak-user] User old password verification via REST admin api No, with the admin endpoints you can't retrieve the password, nor can you expect an admin to know the existing password so it shouldn't verify it either. On 21 March 2016 at 14:35, Adrian Matei <adrianmatei(a)gmail.com&gt; wrote: > Hi everyone, > > Use case: "reset user password via REST admin API - PUT > /admin/realms/{realm}/users/{id}/reset-password" > > Is there a possibility to verify the user's old password before changing > it, as is the case via the Account app? > > Thanks, > Adrian > > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user >