KEYCLOAK-6455 Ability to require email to be verified before changing (#1511)

Closes #1520
This commit is contained in:
Réda Housni Alaoui 2022-05-09 18:51:26 +02:00 committed by GitHub
parent 7047d6f340
commit 3a7b13cf45
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 0 deletions

View file

@ -14,4 +14,5 @@ include::login-settings.adoc[leveloffset=2]
include::login-settings/forgot-password.adoc[leveloffset=2] include::login-settings/forgot-password.adoc[leveloffset=2]
include::login-settings/remember-me.adoc[leveloffset=2] include::login-settings/remember-me.adoc[leveloffset=2]
include::login-settings/acr-to-loa-mapping.adoc[leveloffset=2] include::login-settings/acr-to-loa-mapping.adoc[leveloffset=2]
include::login-settings/update-email-workflow.adoc[leveloffset=2]
include::realms/keys.adoc[] include::realms/keys.adoc[]

View file

@ -0,0 +1,30 @@
[[_update-email-workflow]]
=== Update Email Workflow (UpdateEmail)
With this workflow, users will have to use an UPDATE_EMAIL action to change their own email address.
The action is associated with a single email input form. If the realm has email verification disabled, this action will allow to update the email without verification. If the realm has email verification enabled, the action will send an email update action token to the new email address without changing the account email. Only the action token triggering will complete the email update.
Applications are able to send their users to the email update form by leveraging UPDATE_EMAIL as an AIA (Application Initiated Action).
ifeval::[{project_product}==true]
:tech_feature_name: UpdateEmail
:tech_feature_setting: -Dkeycloak.profile.feature.update_email=enabled
:tech_feature_id: update-email
include::../templates/techpreview.adoc[]
endif::[]
ifeval::[{project_community}==true]
[IMPORTANT]
====
Please note that Update Email Workflow support is in development. Use this feature experimentally.
====
endif::[]
[NOTE]
====
If you enable this feature and you are migrating from a previous version, enable the *Update Email* required action in your realms. Otherwise, users cannot update their email addresses.
====

View file

@ -99,6 +99,11 @@ The features that can be enabled and disabled are:
|Yes |Yes
|Supported |Supported
|update_email
|Update Email Workflow
|No
|Preview
|=== |===
To enable all preview features start the server with: To enable all preview features start the server with: