[keycloak-dev] First use of initial passwords MUST be within configurable timeframe

Stian Thorgersen sthorger at redhat.com
Mon Jan 2 02:40:48 EST 2017

We have support to make the user change the temporary password on login.
There is no built-in support to allow a user to use the temporary password
for some configurable time. You could easily add a custom required action
that would to that though.

On 23 December 2016 at 07:42, Shaikh Asrafali Anwarali <
asrafalianwarali.shaikh at gi-de.com> wrote:

> Hi,
> Currently we are exploring keycloak for our IAMS requirement "First use of
> initial or temporary passwords MUST be within configurable timeframe of
> receipt".
> We explore through keycloak but did not find such functionality , could
> you let us know is such functionality does exist or it can be configured.
> To elaborate more on requirement.
> When user is created we assign Temporary password for activating account ,
> user uses temporary password to login into keyclaok and at first attempt
> update for password is asked wherein user needs to  changes his/her
> credential.
> This use of temporary password, we want to put constraint like it should
> be used, say in a day or else account cannot be activated.
> Regards,
> Asraf Shaikh
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list