[keycloak-user] Not able to set credentials for a user while creating a user through my own Rest API
Stian Thorgersen
sthorger at redhat.com
Tue Oct 25 04:04:09 EDT 2016
For now you'd need to generate a random password and use the admin
endpoints to set that.
Not sure when we can get around to implementing the feature. It may be
possible in 3.x, but no guarantees.
On 24 October 2016 at 13:59, abhishek raghav <abhi.raghav007 at gmail.com>
wrote:
> Thanks for clarifying the feature.
>
> Meanwhile until we get this feature rolled out, Do you suggest any
> workaround which is kind of standard and not creating any security loophole
> in the system.
>
> In which release we can expect this feature..?
>
>
> Cheers
> Abhishek
>
>
>
>
>
>
>
> On Mon, Oct 24, 2016 at 10:01 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> Welcome mail is not probably covering your use-case. AFAIK that issue is
>> more about a "hello welcome aboard" rather than a activate your account
>> mail. You can add a comment to the issue to be able to send a welcome mail
>> with the ability to initialize the password.
>>
>> On 21 October 2016 at 15:10, abhishek raghav <abhi.raghav007 at gmail.com>
>> wrote:
>>
>>> Hey
>>>
>>> Thanks for explaining how the user credential are setting.
>>> I guess the problem which I facing can be solved by using KEYCLOAK- 1835
>>>
>>> *https://issues.jboss.org/browse/KEYCLOAK-1835
>>> <https://issues.jboss.org/browse/KEYCLOAK-1835>*
>>>
>>> When can we expect this to be released..?
>>>
>>> And if it is not going to be released in the future, what should be the
>>> strategy to activate the user where they can set there password.
>>>
>>> Keycloak send a link to update the password to the user at the time of
>>> user creation. Now this link have very small life time. Now I cant expect
>>> my users to respond that quickly. (Say 5 minutes) So by then they click on
>>> it, it gets expired.
>>>
>>> This isn't a problem with self registration. Just when administrator is
>>> creating account for the user.
>>>
>>> Please suggest any strategy to come-over this scenario or whats the
>>> standard way IDM does to activate the user account / Provision the users
>>> first time.
>>>
>>> Cheers
>>> Abhishek
>>>
>>>
>>>
>>>
>>>
>>> On Fri, Oct 21, 2016 at 10:19 AM, Stian Thorgersen <sthorger at redhat.com>
>>> wrote:
>>>
>>>> We'll never expose user credentials over the rest endpoints. We don't
>>>> even know them as they are hashed.
>>>>
>>>> Instead of sending a temporary password you should send the user a
>>>> reset password link. That's a special code that let's the user set the
>>>> password.
>>>>
>>>> On 20 October 2016 at 21:55, abhishek raghav <abhi.raghav007 at gmail.com>
>>>> wrote:
>>>>
>>>>> I am able to set the user credentials by calling a different endpoint
>>>>> as
>>>>> suggested by you. but still when I am inspecting the returned
>>>>> UserRepresentation Object, credentials are coming as null.
>>>>>
>>>>> I am actually trying to create a email template theme, where I am
>>>>> sending
>>>>> the temporary created user password to the user to his registered
>>>>> email. So
>>>>> I am able to introduce username like this :
>>>>>
>>>>> ${msg("executeActionsBodyHtml",link, linkExpiration, realmName,
>>>>> user.getUsername())}
>>>>>
>>>>> But when I am trying to do same for
>>>>> credentials, user.getCredentials().get(0).getValue() I am getting a
>>>>> Null
>>>>> pointer as credentials were not set in the user.
>>>>>
>>>>> I know its kind of absurd.
>>>>>
>>>>> Please suggest. What I am doing wrong.
>>>>>
>>>>> Cheers
>>>>> Abhishek
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Oct 20, 2016 at 9:11 PM, Marek Posolda <mposolda at redhat.com>
>>>>> wrote:
>>>>>
>>>>> > Yes, but we have separate endpoint for manage (reset) user password
>>>>> and
>>>>> > other credentials.
>>>>> >
>>>>> > See for example admin console and check with some plugin (like FF
>>>>> firebug
>>>>> > for example) what REST endpoints are called when you reset password
>>>>> for
>>>>> > some user.
>>>>> >
>>>>> > Marek
>>>>> >
>>>>> >
>>>>> > On 20/10/16 17:02, abhishek raghav wrote:
>>>>> >
>>>>> >> Hey
>>>>> >>
>>>>> >> I am writing to create user by calling keycloak rest APIs through
>>>>> my own
>>>>> >> REST api's. I am able to set all other properties of a user and
>>>>> create a
>>>>> >> user, but when i try assigning the credentials , I get stuck.
>>>>> >>
>>>>> >> First of all Is it possible to do it externally create such
>>>>> scenario..?
>>>>> >>
>>>>> >> If yes, how can i do that.
>>>>> >>
>>>>> >>
>>>>> >> Cheers
>>>>> >> Abhishek
>>>>> >> _______________________________________________
>>>>> >> keycloak-user mailing list
>>>>> >> keycloak-user at lists.jboss.org
>>>>> >> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>> >>
>>>>> >
>>>>> >
>>>>> >
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>
>>
>
More information about the keycloak-user
mailing list