[keycloak-user] User old password verification via REST admin api

Stian Thorgersen sthorger at redhat.com
Mon Mar 21 10:11:01 EDT 2016


No, with the admin endpoints you can't retrieve the password, nor can you
expect an admin to know the existing password so it shouldn't verify it
either.

On 21 March 2016 at 14:35, Adrian Matei <adrianmatei at gmail.com> wrote:

> Hi everyone,
>
> Use case: "reset user password via REST admin API - PUT
> /admin/realms/{realm}/users/{id}/reset-password"
>
> Is there a possibility to verify the user's old password before changing
> it, as is the case via the Account app?
>
> Thanks,
> Adrian
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160321/32c311db/attachment.html 


More information about the keycloak-user mailing list