libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
keycloak-scim/docs/documentation/server_admin/topics/login-settings/forgot-password.adoc
Michael Schnitzler fdfe41bdda fix documentation for resetting OTP in "reset credentials" flow (#26834) 
The former version stated that the "Reset OTP" step had to be disabled in the "reset credentials" authentication flow in order to keep the OTP unchanged. This leads to an error. More precisely, the "Reset - Conditional OTP" sub-flow has to be disabled.

Fixex #26834

Signed-off-by: Michael Schnitzler <schnitzler.michael+github@gmail.com>
2024-02-07 11:57:58 -03:00

47 lines
1.8 KiB
Text
Raw Blame History

== Enabling forgot password
If you enable `Forgot password`, users can reset their login credentials if they forget their passwords or lose their OTP generator.
.Procedure
. Click *Realm settings* in the menu.
. Click the *Login* tab.
+
.Login tab
image:images/login-tab.png[Login Tab]
+
. Toggle *Forgot password* to *ON*.
+
A `Forgot Password?` link displays in your login pages.
+
.Forgot password link
image:images/forgot-password-link.png[Forgot Password Link]
+
. Specify `Host` and `From` in the *Email* tab in order for Keycloak to be able to send the reset email.
+
. Click this link to bring users where they can enter their username or email address and receive an email with a link to reset their credentials.
+
.Forgot password page
image:images/forgot-password-page.png[Forgot Password Page]
The text sent in the email is configurable. See link:{developerguide_link}[{developerguide_name}] for more information.
When users click the email link, {project_name} asks them to update their password, and if they have set up an OTP generator, {project_name} asks them to reconfigure the OTP generator. Depending on security requirements of your organization, you may not want users to reset their OTP generator through email.
To change this behavior, perform these steps:
.Procedure
. Click *Authentication* in the menu.
. Click the *Flows* tab.
. Select the *Reset Credentials* flow.
+
.Reset credentials flow
image:images/reset-credentials-flow.png[Reset Credentials Flow]
+
If you do not want to reset the OTP, set the `Reset - Conditional OTP` sub-flow requirement to *Disabled*.
. Click *Authentication* in the menu.
. Click the *Required actions* tab.
. Ensure *Update Password* is enabled.
+
.Required Actions
image:images/reset-credentials-required-actions.png[Required Actions]
Reference in a new issue View git blame Copy permalink