[keycloak-user] User old password verification via REST admin api

Doug Szeto DSzeto at investlab.com
Mon Mar 21 21:44:14 EDT 2016

If you already have the username and old password that you want to check, I just attempt to retrieve an access token. If it works, you know the old password is correct, then you can proceed in changing the password.

POST - /auth/realms/{realm}/protocol/openid-connect/token

headers.set("content-type", "application/x-www-form-urlencoded");
headers.set("accept", "application/json");

body.add("grant_type", “password”)
body.add("username", username);
body.add("password", password);
body.add(“client_id”, {clientId})

From: <keycloak-user-bounces at lists.jboss.org<mailto:keycloak-user-bounces at lists.jboss.org>> on behalf of Stian Thorgersen <sthorger at redhat.com<mailto:sthorger at redhat.com>>
Reply-To: "stian at redhat.com<mailto:stian at redhat.com>" <stian at redhat.com<mailto:stian at redhat.com>>
Date: Monday, March 21, 2016 at 10:11 PM
To: Adrian Matei <adrianmatei at gmail.com<mailto:adrianmatei at gmail.com>>
Cc: keycloak-user <keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>>
Subject: Re: [keycloak-user] User old password verification via REST admin api

No, with the admin endpoints you can't retrieve the password, nor can you expect an admin to know the existing password so it shouldn't verify it either.

On 21 March 2016 at 14:35, Adrian Matei <adrianmatei at gmail.com<mailto:adrianmatei at gmail.com>> wrote:
Hi everyone,

Use case: "reset user password via REST admin API - PUT /admin/realms/{realm}/users/{id}/reset-password"

Is there a possibility to verify the user's old password before changing it, as is the case via the Account app?


keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160322/3532f527/attachment.html 

More information about the keycloak-user mailing list