[keycloak-dev] Account management requirements for beta1

Marek Posolda mposolda at redhat.com
Mon May 5 03:42:23 EDT 2014


There is also the thing, that currently user registered through social 
can't change his password - https://issues.jboss.org/browse/KEYCLOAK-334 
. Not sure if this is priority for beta1, but it should be at least in 
1.0-Final IMO.

We discussed the possibility to remove the options 
"updateProfileOnInitialSocialLogin", "verifyEmail" and instead use list 
of requiredActions after normal registration and social registration.

Currently it's assigned to me and planned for Beta1, but I don't think 
that I can do it though as I am on PTO from Thursday and then whole next 
week...

Marek

On 30.4.2014 18:17, Stian Thorgersen wrote:
> With regards to account management what additional requirements do we have for beta1?
>
> Features I can think off to add now or in the future includes:
>
> * Manage refresh tokens - view applications and clients that have refresh tokens, and the ability to invalidate specific tokens
> * Manage devices - view browsers and devices that have access (remember me cookie?), and the ability to invalidate specific cookies
> * Manage devices that can bypass totp - it seems to be quite common that it's possible to not require asking for totp again for a specific device, I assume this is done by setting a cookie, if we enable this it should be possible to view what devices have this option, as well as invalidate them
> * Manage applications - view all applications, be able to navigate to an application, and the ability to invalidate access to specific application
> * Manage clients - view all clients and what grants they have, and the ability to revoke access to specific client
>
> I think listing client grants, invalidate specific client grants, and a logout everything option would be sufficient. The logout everything option would invalidate any refresh tokens, remember me cookies, 'skip' totp cookies and do a sso-logout.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev



More information about the keycloak-dev mailing list