[keycloak-user] Back to application link is not shown on the success screen after a reset password action

Edgar Vonk - Info.nl Edgar at info.nl
Mon Feb 1 07:46:55 EST 2016


Hi,

Considering the following scenario:
1/ Admin performs a ‘Reset Action’ on the user from the admin console (Manage - Users - Credentials). In our case an ‘Update password’ action and send the ‘Reset Actions Email’.
2/ User receives the reset action email with a link back to Keycloak.
3/ User follows the link, sets his/her password.
4/ User is now shown a success screen stating "Your account has been updated.” only. There is no link to the application or anything. The user is left on his/her own.

This happens because in AuthenticationManager#nextActionAfterAuthentication the ‘skipLink’ attribute is set to true. This results in the info.ftl template not showing the ‘back to application’ link.

I think in this case the link should be shown however. Otherwise the user has no idea where to go to next. In fact I think the ‘back to application’ link should nearly always be shown. So for now we have simply removed the {{<#if skipLink??>}} check in the info.ftl in our custom email theme. I do wonder why this ‘skipLink’ functionality was built in the first place? Does it not make sense to remove it altogether maybe?

cheers




More information about the keycloak-user mailing list