Hi,
Is it good practice to define password for users this way? I
assume that usually just user himself should have access to his
plain-text password and be able to login with it?
If you really need this, there is just endpoint
http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html
for reset password, which is also used by admin console, but user
needs to choose new password when login for the first time after
reset. So I assume that this is the possibility you are already
aware of.
But note that after this reset, you know user's temporary
password, so you can login with this temporary password and update
password as user himself. Then user doesn't need to do anything,
you just need to say him his password.
Another possibility is to create new REST endpoint by yourself,
which will use model API to do exactly what you want. For example
see this
https://github.com/keycloak/keycloak/tree/master/testsuite/tools
which is REST application for adding big number of new users. You
can maybe use something similar.
Marek
On 1.7.2014 00:01, Rodrigo Sasaki wrote: