libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-6455 Ability to require email to be verified before changing (#1511)

Browse source 
Closes #1520
This commit is contained in:
Réda Housni Alaoui 2022-05-09 18:51:26 +02:00 committed by GitHub
parent 7047d6f340
commit 3a7b13cf45
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
server_admin/topics/admin-console.adoc
View file

@ -14,4 +14,5 @@ include::login-settings.adoc[leveloffset=2]
include::login-settings/forgot-password.adoc[leveloffset=2]
include::login-settings/remember-me.adoc[leveloffset=2]
include::login-settings/acr-to-loa-mapping.adoc[leveloffset=2]
include::login-settings/update-email-workflow.adoc[leveloffset=2]
include::realms/keys.adoc[]

30
server_admin/topics/login-settings/update-email-workflow.adoc Normal file
View file

@ -0,0 +1,30 @@
[[_update-email-workflow]]
=== Update Email Workflow (UpdateEmail)
With this workflow, users will have to use an UPDATE_EMAIL action to change their own email address.
The action is associated with a single email input form. If the realm has email verification disabled, this action will allow to update the email without verification. If the realm has email verification enabled, the action will send an email update action token to the new email address without changing the account email. Only the action token triggering will complete the email update.
Applications are able to send their users to the email update form by leveraging UPDATE_EMAIL as an AIA (Application Initiated Action).
ifeval::[{project_product}==true]
:tech_feature_name: UpdateEmail
:tech_feature_setting: -Dkeycloak.profile.feature.update_email=enabled
:tech_feature_id: update-email
include::../templates/techpreview.adoc[]
endif::[]
ifeval::[{project_community}==true]
[IMPORTANT]
====
Please note that Update Email Workflow support is in development. Use this feature experimentally.
====
endif::[]
[NOTE]
====
If you enable this feature and you are migrating from a previous version, enable the *Update Email* required action in your realms. Otherwise, users cannot update their email addresses.
====

5
server_installation/topics/profiles.adoc
View file

@ -99,6 +99,11 @@ The features that can be enabled and disabled are:
|Yes
|Supported
|update_email
|Update Email Workflow
|No
|Preview
|===
To enable all preview features start the server with: