Hi,

Is it good practice to define password for users this way? I assume that usually just user himself should have access to his plain-text password and be able to login with it?

If you really need this, there is just endpoint http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html for reset password,  which is also used by admin console, but user needs to choose new password when login for the first time after reset. So I assume that this is the possibility you are already aware of.

But note that after this reset, you know user's temporary password, so you can login with this temporary password and update password as user himself. Then user doesn't need to do anything, you just need to say him his password.

Another possibility is to create new REST endpoint by yourself, which will use model API to do exactly what you want. For example see this https://github.com/keycloak/keycloak/tree/master/testsuite/tools which is REST application for adding big number of new users. You can maybe use something similar.

Marek

 
On 1.7.2014 00:01, Rodrigo Sasaki wrote:
Hello again!

Is there a way for me to define a password for a user through the REST API without him having to define a new one on the next login?

The only method I found to be close to what I want was the one that resets the password, but I would like to redefine it without the user having anything to do with it.

Is it possible?

--
Rodrigo Sasaki


_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user