How would I remove the update password required action via the REST API?


On Tue, Jul 1, 2014 at 5:20 AM, Stian Thorgersen <stian@redhat.com> wrote:
You can actually already do this if you want, both through endpoints and the admin console. You just need to set a temporary password and afterwards remove the update password required action. As Marek says though it doesn't really make sense to do so.

----- Original Message -----
> From: "Marek Posolda" <mposolda@redhat.com>
> To: "Rodrigo Sasaki" <rodrigopsasaki@gmail.com>, keycloak-user@lists.jboss.org
> Sent: Tuesday, 1 July, 2014 8:07:36 AM
> Subject: Re: [keycloak-user] Defining a new user password through REST API
>
> Hi,
>
> Is it good practice to define password for users this way? I assume that
> usually just user himself should have access to his plain-text password and
> be able to login with it?
>
> If you really need this, there is just endpoint
> http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html
> for reset password, which is also used by admin console, but user needs to
> choose new password when login for the first time after reset. So I assume
> that this is the possibility you are already aware of.
>
> But note that after this reset, you know user's temporary password, so you
> can login with this temporary password and update password as user himself.
> Then user doesn't need to do anything, you just need to say him his
> password.
>
> Another possibility is to create new REST endpoint by yourself, which will
> use model API to do exactly what you want. For example see this
> https://github.com/keycloak/keycloak/tree/master/testsuite/tools which is
> REST application for adding big number of new users. You can maybe use
> something similar.
>
> Marek
>
>
> On 1.7.2014 00:01, Rodrigo Sasaki wrote:
>
>
>
> Hello again!
>
> Is there a way for me to define a password for a user through the REST API
> without him having to define a new one on the next login?
>
> The only method I found to be close to what I want was the one that resets
> the password, but I would like to redefine it without the user having
> anything to do with it.
>
> Is it possible?
>
> --
> Rodrigo Sasaki
>
>
> _______________________________________________
> keycloak-user mailing list keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



--
Rodrigo Sasaki