[keycloak-dev] Application Initiated Action
Stan Silvert
ssilvert at redhat.com
Thu Jun 27 16:27:17 EDT 2019
An AIA is initiated with an auth request. So before the AIA runs, any
required actions set by the admin will run.
Is that OK or should we skip any other required action?
I think it definitely makes sense if you are logging in to do the AIA.
For instance, admin wants user to update his profile. User does an AIA
for change password, but he is not logged in.
0) User is presented with login screen and logs in.
1) User is presented with "update profile" screen.
2) User is presented with "change password screen.
3) User is redirected back to his app.
User does an AIA for change password, but he is already logged in.:
1) User is presented with "update profile" screen.
2) User is presented with "change password screen.
3) User is redirected back to his app.
Is that OK, or should step 1 be skipped in the second scenario?
On 5/6/2019 2:50 AM, Stian Thorgersen wrote:
> Last chance to comment on Application Initiated Action design:
>
> https://github.com/keycloak/keycloak-community/pull/7
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list