libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Adding missing explicit IDs for cross-references

Browse source 
Closes #27316

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
This commit is contained in:
Alexander Schwartz 2024-02-27 17:32:51 +01:00 committed by Alexander Schwartz
parent ee3a4a6e4f
commit 6de61f61f0
4 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/documentation/server_admin/topics/authentication/flows.adoc
View file

@ -407,7 +407,7 @@ in the authentication flow), then {project_name} will throw an error.
==== Registration or Reset credentials requested by client ==== Registration or Reset credentials requested by client
Usually when the user is redirected to the {project_name} from client application, the `browser` flow is triggered. This flow may allow the user to <<con-user-registration_{context}, register>> in case Usually when the user is redirected to the {project_name} from client application, the `browser` flow is triggered. This flow may allow the user to <<con-user-registration_{context}, register>> in case
that realm registration is enabled and the user clicks `Register`on the login screen. Also, if <<enabling-forgot-password, Forget password>> is enabled for the realm, the user can that realm registration is enabled and the user clicks `Register` on the login screen. Also, if <<enabling-forgot-password,Forget password>> is enabled for the realm, the user can
click `Forget password` on the login screen, which triggers the `Reset credentials` flow where users can reset credentials after email address confirmation. click `Forget password` on the login screen, which triggers the `Reset credentials` flow where users can reset credentials after email address confirmation.
Sometimes it can be useful for the client application to directly redirect the user to the *Registration* screen or to the *Reset credentials* flow. The resulting action will match the action of when the Sometimes it can be useful for the client application to directly redirect the user to the *Registration* screen or to the *Reset credentials* flow. The resulting action will match the action of when the

1
docs/documentation/server_admin/topics/authentication/password-policies.adoc
View file

@ -99,6 +99,7 @@ The current implementation uses a BloomFilter for fast and memory efficient cont
* By default a false positive probability of `0.01%` is used. * By default a false positive probability of `0.01%` is used.
* To change the false positive probability by CLI configuration, use `--spi-password-policy-password-blacklist-false-positive-probability=0.00001`. * To change the false positive probability by CLI configuration, use `--spi-password-policy-password-blacklist-false-positive-probability=0.00001`.
[[maximum-authentication-age]]
===== Maximum Authentication Age ===== Maximum Authentication Age
Specifies the maximum age of a user authentication in seconds with which the user can update a password without re-authentication. A value of `0` indicates that the user has to always re-authenticate with their current password before they can update the password. Specifies the maximum age of a user authentication in seconds with which the user can update a password without re-authentication. A value of `0` indicates that the user has to always re-authenticate with their current password before they can update the password.

1
docs/documentation/server_admin/topics/login-settings/forgot-password.adoc
View file

@ -1,4 +1,5 @@
[[enabling-forgot-password]]
== Enabling forgot password == Enabling forgot password
If you enable `Forgot password`, users can reset their login credentials if they forget their passwords or lose their OTP generator. If you enable `Forgot password`, users can reset their login credentials if they forget their passwords or lose their OTP generator.

2
docs/documentation/server_admin/topics/users/con-aia.adoc
View file

@ -44,7 +44,7 @@ the client can still request re-authentication when some AIA is requested. Exce
* The action `delete_account` will always require the user to actively re-authenticate * The action `delete_account` will always require the user to actively re-authenticate
* The action `update_password` might require the user to actively re-authenticate according to the configured <<maximum-authentication-age, Maximum Authentication Age Password policy>>. * The action `update_password` might require the user to actively re-authenticate according to the configured <<maximum-authentication-age,Maximum Authentication Age Password policy>>.
In case the policy is not configured, it also defaults to five minutes. In case the policy is not configured, it also defaults to five minutes.
* If you want to use a shorter re-authentication, you can still use a parameter query parameter such as `max_age` with the specified shorter value or eventually `prompt=login`, which will always require user to * If you want to use a shorter re-authentication, you can still use a parameter query parameter such as `max_age` with the specified shorter value or eventually `prompt=login`, which will always require user to