[keycloak-user] account creation process with email verification : problem or normal behavior ?

[François Gourrier]

hello to everyone and very happy new year, 

I am faced with the following problem: 

I want to enable email verification when creating an account 

I ticked the "default action" box for "Verify Email" in "authentication". 
the observed behavior is as follows: 
- when a user creates an account via a public form, he receives an email with a link with the following structure: 
HOST /realms/connect/login-actions/action-token? = XXXXXXclient_id = XXXX XXXX = & tab_id 
- when he clicks on the link, it is sent back to his account (HOST / realms / connect / account /) and is therefore connected 

That's not at all the behavior I was expecting 

Another scenario: 
- when a user creates an account, he receives an email with a link with the following structure: 
HOST /realms/connect/login-actions/action-token?Key = XXXXXXclient_id = XXXX XXXX = & tab_id 
- when he takes this link and the copy in another browser than the one used to create the account, it is sent to a page with the message "Confirm the validity of the email address XXXX" with a button "Click here" 
- if the user clicks on the button, the account is created and he has to authenticate to connect 

This second scenario is the one expected. 

Have I forgotten something in understanding the features? Obviously, a cookie is created and associated with the account during its creation which explains that it is already identified when it is returned to its account 

Thank you in advance for your lights. 

I'am using Keyclaok 4.5.0 


FGOURRIER