Re: [keycloak-user] Validate User Credentials Without Creating a Session

Hi, We're currently using Keycloak 2.5.5.Final, and in this version it's not possible to validate a user's credentials (username / password combination) without actually logging the user in which results in a session (and our sessions are long- lived). Is there any new functionality introduced in the later versions of Keycloak to validate the credentials without actually logging the user in? Our use-case is that we have very long-lived tokens, but we want to require the user to re-enter his/her password in order to perform some certain sensitive tasks such as changing the password or username. If such functionality is not available, would it be possible to add this? Regards, Scott _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user