是否有可能通过 OTP 验证来更改密钥斗篷上的用户密码(通过 API 调用)?
[英]Is there any possibility to OTP validation for changing user password (by API call) on keycloak?
问题描述
I am trying to implement my own form for changing a user's password.
我正在尝试实现我自己的表单来更改用户密码。 I have found an API PUT call for changing user's password in Keycloak (12.0.4) but I have to precede this process with a OTP validation process or reauthenticate user somehow.我在 Keycloak (12.0.4) 中找到了一个用于更改用户密码的 API PUT 调用,但我必须在此过程之前使用 OTP 验证过程或以某种方式重新验证用户。 Is there any possibility to do this without writing keycloak's extensions?如果不编写 keycloak 的扩展,是否有可能做到这一点?
1 个解决方案
解决方案1
0 2022-10-03 06:42:31
You can use the prompt=login parameter when redirecting requests to Keycloak so that it would ask the user to login (even if he/she has already logged in).您可以在将请求重定向到 Keycloak 时使用prompt=login参数,以便它会要求用户登录(即使他/她已经登录)。 For example:例如:
yourkeycloak.com/auth/realms/your-realm/protocol/openid-connect/auth?response_type=code&client_id=your-client-id& redirect_uri=https://mywebsite.com/changepassword_url &scope=openid& prompt=login yourkeycloak.com/auth/realms/your-realm/protocol/openid-connect/auth?response_type=code&client_id=your-client-id& redirect_uri=https://mywebsite.com/changepassword_url &scope=openid& prompt=login
If user has 2FA enabled, the 2FA should also be done successfully.如果用户启用了 2FA,则 2FA 也应该成功完成。 So I guess it would cover your requirements properly.所以我想它会适当地满足您的要求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.