KEYCLOAK-15897: Update Credentials (#23)

* Update Credentials

* Update Credentials module

* Update credentials.adoc

* Update proc-creating-otp.adoc

* Update proc-setting-password-user.adoc

* Update proc-setting-password-user.adoc

* Update proc-creating-otp.adoc

* Update credentials.adoc

* Update proc-setting-password-user.adoc

* Update credentials.adoc

* Update credentials.adoc

* Update proc-creating-otp.adoc

Just corrected one typo (Configue) so I can merge this one.

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Joan Edwards 2020-10-22 22:58:55 +01:00 committed by Marek Posolda
parent 1e51a8d902
commit b3fbac011c
3 changed files with 44 additions and 41 deletions

@ -1,7 +1,7 @@
[[_user-credentials]] [id="ref-user-credentials_{context}"]
= User Credentials = User Credentials
When viewing a user if you go to the `Credentials` tab you can manage a user's credentials. You can manage credentials of a user in the *Credentials* tab.
.Credential Management .Credential Management
image:{project_images}/user-credentials.png[] image:{project_images}/user-credentials.png[]
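Review bot: the anchor on the first line of this hunk changes from `[[_user-credentials]]` to `[id="ref-user-credentials_{context}"]`, so any cross-reference that still targets `_user-credentials` stops resolving, and the new id only resolves where `{context}` is set. The visible hunks do not update any such link, so search the rest of the guide for `<<_user-credentials` and either update those references or keep the old anchor next to the new id. Minor wording: "You can manage credentials of a user" reads more naturally as "You can manage a user's credentials".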
@ -9,52 +9,24 @@ image:{project_images}/user-credentials.png[]
The credentials are listed in a table, which has the following fields: The credentials are listed in a table, which has the following fields:
Position:: Position::
The arrow buttons in this column allows you to shift the priority of the credential for the user, with the topmost credential having the highest priority. The arrow buttons in the *Position* column allow you to shift the priority of the credential for the user. The topmost credential has the highest priority. The priority determines which credential is displayed first after a user logs in.
This priority determines which credential will be shown first to a user in case of a choice during login. The highest priority of those available to the
user will be the one selected.
Type:: Type::
This shows the type of the credential, for example `password` or `otp`. This shows the type of the credential, for example *password* or *OTP*.
User Label:: User Label::
This is an assignable label to recognise the credential when presented as a selection option during login. It can be set to any value to describe the This is an assignable label to recognize the credential when presented as a selection option during login. It can be set to any value to describe the
credential. credential.
Data:: Data::
This shows the non-confidential technical information about the credential. It is originally hidden, but you can press `Show data...` to reveal it for a This is the non-confidential technical information about the credential. It is hidden, by default. You can click *Show data...* to display the data for a
credential. credential.
Actions:: Actions::
This column has two buttons. `Save` records the value of the User Label, while `Delete` will remove the credential. This column has two actions. Click *Save* to record the value or the user field. Click *Delete* to remove the credential.
== Creating a Password for the User
If a user doesn't have a password, or if the password has been deleted, the `Set Password` section will be shown on the page. You cannot configure other types of credentials for a specific user in the admin console; this is the responsibility of the user.
.Credential Management - Set Password You can delete the credentials of a user in the event a user loses an OTP device or if credentials have been compromised. You can only delete credentials of a user in the *Credentials* tab.
image:images/user-credentials-set-password.png[]
To create a password for a user, type in a new one. Click on the `Set Password` button after you've typed everything in.
If the `Temporary` switch is on, this new password can only be used once and the user will be asked to change their password after they have
logged in.
If a user already has a password, it can be reset in the `Reset Password` section.
Alternatively, if you have <<_email, email>> set up, you can send an email to the user that asks
them to reset their password. Choose `Update Password` from the `Reset Actions` list box and click `Send Email`. You can optionally
set the validity of the e-mail link which defaults to the one preset in `Tokens` tab in the realm settings.
The sent email contains a link that will bring the user to the update password screen.
Note that a user can only have a single credential of type password.
== Creating other credentials
You cannot configure other types of credentials for a specific user within the Admin Console. This is the responsibility of the user.
You can only delete credentials for a user on the `Credentials` tab, for example if the user has lost an OTP device, or if a credential
has been compromised.
== Creating an OTP
If OTP is conditional in your realm, the user will have to go to the User Account Management service to re-configure a new OTP generator. If OTP is required, then the user will be asked
to re-configure a new OTP generator when they log in.
Like passwords, you can alternatively send an email to the user that will ask them to reset their OTP generator. Choose
`Configure OTP` in the `Reset Actions` list box and click the `Send Email` button. The sent email
contains a link that will bring the user to the OTP setup screen. You can use this method even if the user already has an OTP credential,
and would like to set up some more.
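Review bot: in the *Position* entry, the new sentence "The priority determines which credential is displayed first after a user logs in" changes the meaning of the text it replaces, which said the priority decides which credential is shown first when the user has a choice during login. Suggest "The priority determines which credential is offered first when a user has a choice during login." In the *Actions* entry, "record the value or the user field" looks like a slip for "record the value of the User Label". The removed sentence "Note that a user can only have a single credential of type password" does not reappear in the added lines of this commit; consider carrying it into the password procedure.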

@ -0,0 +1,13 @@
[id="proc_creating-otp_{context}"]
= Creating an OTP
[role="_abstract"]
If OTP is conditional in your realm, the user must navigate to the *User Account Management* page to reconfigure a new OTP generator. If OTP is required, then the user must reconfigure a new OTP generator when logging in. You can use the following procedure if the user already has an OTP credential. Alternatively, you can send an email to the user that requests the user reset the OTP generator.
.Prerequisite
* You are logged in to the appropriate realm.
.Procedure
. Navigate to the *Reset Actions* list.
. Click *Configure OTP*.
. Click *Send Email*. The sent email contains a link that directs the user to the OTP setup page.
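Review bot: the abstract says "You can use the following procedure if the user already has an OTP credential. Alternatively, you can send an email ...", but the procedure that follows is the send-email flow, so "Alternatively" points back at the same steps. The removed text said the email method can be used even if the user already has an OTP credential; suggest restating it that way, for example "You can send the user an email that asks them to reset the OTP generator, even if the user already has an OTP credential." Step 1 also gives no starting point for finding the *Reset Actions* list; say which user page or tab it is on so the step can be followed from the prerequisite.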

@ -0,0 +1,18 @@
[id="proc-setting-password-user_{context}"]
= Setting a password for a user
[role="_abstract"]
If a user does not have a password, or if the password has been deleted, the *Set Password* section is displayed.
If a user already has a password, it can be reset in the *Reset Password* section.
.Procedure
. Type in a new password, in the *Set Password* section.
. Click *Set Password*.
+
NOTE: If the *Temporary* radion button is set to *ON*, the password is temporary and the user must change the password after the first login. If a user prefers to create a password that is persistent, the *Temporary* radio button must be set to *OFF* and the user must click *Set Password*.
+
. Alternatively, you can send an email to the user that requests the user reset the password.
.. Navigate to the *Reset Actions* list.
.. Click *Update Password* from the list.
.. Click *Send Email*. The sent email contains a link that directs the user to the *Update Password* window.
.. Optionally, you can set the validity of the email link. This is set to the default preset in the *Tokens* tab in the realm setiings.
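Review bot: in step 3 the optional sub-step for setting the validity of the email link comes after "Click *Send Email*", so an administrator who follows the steps in order sends the link before choosing how long it stays valid; move that sub-step ahead of the send step. The NOTE also mixes up the actors: "If a user prefers to create a password that is persistent ... the user must click *Set Password*" describes an action the administrator performs in this procedure, not the user. Two typos remain in the added lines, "radion" and "setiings". The control is called a radio button here, while the removed text called it a switch; check the name against the console.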