[keycloak-user] password reset email REST api?

Don Reynolds (dreynold) Don.Reynolds at quest.com
Thu Oct 18 16:29:27 EDT 2018 

Hello Wyllys,

Yes this is possible.  You want to use the REST API endpoint to send an email to the user requiring them to perform some action.
See the section called "Send a update account email to the user An email contains a link the user can click to perform a set of required actions." in the Keycloak REST admin api docs (https://www.keycloak.org/docs-api/4.5/rest-api/index.html)

PUT /{realm}/users/{id}/execute-actions-email

The body of the request specifies the actions you want them to perform.  I think you will want to send the following, which will force the user to reset their password, as well as send them an email with a link to do so:   ["VERIFY_EMAIL", "UPDATE_PASSWORD "]

Here are a few other links that might help:
http://lists.jboss.org/pipermail/keycloak-user/2016-December/008766.html
https://stackoverflow.com/questions/42071682/how-to-update-password-via-keyclaok-admin-rest-api-by-execute-actions-email

This section of the keycloak server admin guide describes what the various required action options are:
https://www.keycloak.org/docs/latest/server_admin/index.html#required-actions

Since the keycloak admin web console uses the REST api, it can be handy to turn on developer tools in your browser and watch the network traffic that occurs when you perform the equivalent action in the keycloak admin console to the REST api calls the console makes to the server and the exact parameters it passes.

Hope that helps,
Don


> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org <keycloak-user-
> bounces at lists.jboss.org> On Behalf Of Wyllys Ingersoll
> Sent: Thursday, October 18, 2018 12:04 PM
> To: keycloak-user at lists.jboss.org
> Subject: [keycloak-user] password reset email REST api?
> 
> Is there ( or are they plans to add one) a REST API endpoint for sending a
> user a password reset email link?
> 
> Im looking for a way to simulate what happens when the "reset password"
> form is used but without using the form itself, so that an application could
> make the request without requiring a UI.
> 
> This is different from having an administrator manually reset a password, I
> want the user to just get a secure link to reset their own password when
> necessary.
> 
> thanks,
>    Wyllys Ingersoll
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list