[keycloak-user] Defining a new user password through REST API
Rodrigo Sasaki
rodrigopsasaki at gmail.com
Tue Jul 1 10:27:59 EDT 2014
How would I remove the update password required action via the REST API?
On Tue, Jul 1, 2014 at 5:20 AM, Stian Thorgersen <stian at redhat.com> wrote:
> You can actually already do this if you want, both through endpoints and
> the admin console. You just need to set a temporary password and afterwards
> remove the update password required action. As Marek says though it doesn't
> really make sense to do so.
>
> ----- Original Message -----
> > From: "Marek Posolda" <mposolda at redhat.com>
> > To: "Rodrigo Sasaki" <rodrigopsasaki at gmail.com>,
> keycloak-user at lists.jboss.org
> > Sent: Tuesday, 1 July, 2014 8:07:36 AM
> > Subject: Re: [keycloak-user] Defining a new user password through REST
> API
> >
> > Hi,
> >
> > Is it good practice to define password for users this way? I assume that
> > usually just user himself should have access to his plain-text password
> and
> > be able to login with it?
> >
> > If you really need this, there is just endpoint
> >
> http://docs.jboss.org/keycloak/docs/1.0-beta-3/rest-api/admin/realms/%7Brealm%7D/users/%7Busername%7D/reset-password/index.html
> > for reset password, which is also used by admin console, but user needs
> to
> > choose new password when login for the first time after reset. So I
> assume
> > that this is the possibility you are already aware of.
> >
> > But note that after this reset, you know user's temporary password, so
> you
> > can login with this temporary password and update password as user
> himself.
> > Then user doesn't need to do anything, you just need to say him his
> > password.
> >
> > Another possibility is to create new REST endpoint by yourself, which
> will
> > use model API to do exactly what you want. For example see this
> > https://github.com/keycloak/keycloak/tree/master/testsuite/tools which
> is
> > REST application for adding big number of new users. You can maybe use
> > something similar.
> >
> > Marek
> >
> >
> > On 1.7.2014 00:01, Rodrigo Sasaki wrote:
> >
> >
> >
> > Hello again!
> >
> > Is there a way for me to define a password for a user through the REST
> API
> > without him having to define a new one on the next login?
> >
> > The only method I found to be close to what I want was the one that
> resets
> > the password, but I would like to redefine it without the user having
> > anything to do with it.
> >
> > Is it possible?
> >
> > --
> > Rodrigo Sasaki
> >
> >
> > _______________________________________________
> > keycloak-user mailing list keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Rodrigo Sasaki
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20140701/8a72c8d8/attachment.html
More information about the keycloak-user
mailing list