There is an admin api to set password reset email, verify email and other required actions, including custom actions, can be triggered with this api as well.

On 3 February 2016 at 07:10, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
Hey Stian, let me re-track what I've been trying to say here....

My first query was to check with you guys if there was an admin API to trigger the reset-password email. Seems there is no such API. However, there is an admin API to just reset the password without email verification (http://keycloak.github.io/docs/rest-api/index.html#_set_up_a_temporary_password_for_the_user).

My follow-up concern was that since there is an admin API to trigger the verification email (http://keycloak.github.io/docs/rest-api/index.html#_send_an_email_verification_email_to_the_user), it would have been consistent if there was an admin API to send the reset-password email as well.

Hope this clarifies the misunderstanding.


Regards,
Lohitha.

On Tue, Feb 2, 2016 at 2:19 PM, Stian Thorgersen <sthorger@redhat.com> wrote:
Have no idea what you are saying.

We don't have any API outside of the admin endpoints that do password reset, register email or anything else like that. For the admin endpoints we have a very flexibly endpoint that lets you send exactly what actions you want.

On 1 February 2016 at 19:00, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
Hi Stian,

I was referring to a potential API endpoint which actually sends out the password reset email (there's a similar API which sends out the registration email), not the existing one which just resets the password.


Regards,
Lohitha.

On Mon, Feb 1, 2016 at 3:53 PM, Stian Thorgersen <sthorger@redhat.com> wrote:


On 28 January 2016 at 08:41, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
Thanks Fabricio, will check on how we can proceed with such an implementation.

Since there is an already existing registration-email API, I thought it's consistent from Keycloak's perspective to expose a reset-password API as well...

Not sure what you refer to, but there are no APIs for these actions outside of the admin endpoints.
 


Regards,
Lohitha.

On Thu, Jan 28, 2016 at 2:31 AM, Fabricio Milone <fabricio.milone@shinetech.com> wrote:
Hi Lohitha,

I had the same requirements (Direct grant + forgotten password) and ended up implementing a SPI using some piece of code made by Pedro Igor.

An extract of the DEV Mailing list called: "Add custom REST paths? New SPI?"

It is part of a working in progress around fine-grained authorization [1].
The new SPI changes [2] specific to Keycloak are located in a specific branch [3] in my Keycloak fork. 

I need to discuss these changes with Bill and see what he thinks about it. Depending on his feedback, I can prepare a PR and send these changes to upstream. 

[1] https://github.com/pedroigor/keycloak-authz
[2] https://github.com/pedroigor/keycloak/commit/5e99614aacb70f7840a5ae25cfeaf3fc9d74ac54
[3] https://github.com/pedroigor/keycloak/tree/keycloak-authz-modified


Not sure if Keycloak will ever adopt those changes as official or something similar though.

That's a good starting point.

Regards

On 27 January 2016 at 21:19, Stian Thorgersen <sthorger@redhat.com> wrote:
There is in the admin endpoints, but nothing that's available to end-users.

On 22 January 2016 at 06:45, Lohitha Chiranjeewa <kalc04@gmail.com> wrote:
Hi,

There are a few clients of ours who use the Direct Grants API to authenticate their users. A requirement has come up to provide the Reset Password flow to those clients. From what I've checked and gathered, there's no REST API to initiate this flow (sending the Keycloak password reset email + resetting the password through the UI); only way to do is through the browser.

If it's actually there somewhere, can someone point me to it?


Regards,
Lohitha.

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user



--
Fabricio Milone
Developer

Shine Consulting 

30/600 Bourke Street

Melbourne VIC 3000

T: 03 8488 9939

M: 04 3200 4006


www.shinetech.com  a passion for excellence