9:34 p.m.
Just wondering if I'm missing something. The following scenario, to me, seems flawed.
Realm Setting to verify email = On
1. New user registers an account.
2. From the account page, they change their email address, but have a typo in the
address.
3. Attempt to login again and receive an error saying their email needs to be
verified.
4. Cannot verify email because of the typo, user is locked out.
To my way of thinking the email address should be verified at the time it is changed and
before the new value is written to the attribute. Is that possible?
Thanks
Adam
12:26 a.m.
It is indeed a bit flawed and is something we should take a look at. Can
you create a JIRA please?
I can't think of any way of doing this without modifying the Keycloak code.
Any chance you'd be interested in doing a PR for it?
On 2 November 2016 at 03:34, Adam Keily <adam.keily(a)adelaide.edu.au> wrote:
Just wondering if I'm missing something. The following scenario,
to me,
seems flawed.
Realm Setting to verify email = On
1. New user registers an account.
2. From the account page, they change their email address, but have
a typo in the address.
3. Attempt to login again and receive an error saying their email
needs to be verified.
4. Cannot verify email because of the typo, user is locked out.
To my way of thinking the email address should be verified at the time it
is changed and before the new value is written to the attribute. Is that
possible?
Thanks
Adam
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2993
days inactive
2995
days old
1 comments
2 participants
participants (2)
-
Adam Keily -
Stian Thorgersen