[keycloak-user] Admin initiated login-actions emails with action tokens no longer redirect user to proper screen since upgrading to 3.4.0.Final

Edgar Vonk - Info.nl Edgar at info.nl
Mon Nov 27 11:34:33 EST 2017


Since upgrading from Keycloak 3.2.0.Final to 3.4.0.Final the links in the admin initiated login-actions emails no longer work for us. We use such emails e.g. to require the user to set his/her password before their account can be used.

Such login action links in the 'change password’ emails are of the format:

https://HOSTNAME/auth/realms/graydon-customers/login-actions/action-token?key=XXX

when the user clicks this link Keycloak 3.2.0 redirected the user to:

https://HOSTNAME/auth/realms/graydon-customers/login-actions/required-action?execution=UPDATE_PASSWORD&client_id=account


However since we upgraded to Keycloak 3.4.0.Final this is no longer the case and the user is not redirected to the required action page at all..


Does anyone have tips on what may be the issue? Was there anything changed from 3.2.0 to 3.4.0 that could explain this? Or is it perhaps a bug in Keycloak?

PS: we run Keycloak in a cluster with a persistent clustered Infinispan cache. So far we have not emptied our Keycloak database nor completely removed this cache when upgrading Keycloak.

cheers


More information about the keycloak-user mailing list