Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Keycloak: Update user password in AngularJS application

I'm building an AngularJS application protected by Keycloak. Each user should update his password within his user profile.

Calling the Keycloak API for password

GET /auth/realms/{realm_name}/account/password

returns HTML content from Keycloak. I would like to build my own form to update a user's password.

In the Keycloak documentation I found

POST /auth/realms/{realm_name}/account/password

which requires the attributes

{
    'password' => user's current password
    'password-new' => new password
    'password-confirm' => new password again
    'stateChecker' => token from keycloak
}

Calling

POST /auth/realms/{realm_name}/account/password

without the 'stateChecker' attribute causes an error. This attribute is needed.

So here are my questions:

  • How do I get the value for stateChecker from keycloak for the logged in user (in Keycloak it's in a hidden input field)?
  • Is there another possibility to change a user's password with a REST API call?

Thanks in advance.

Note:

Calling:

POST /auth/realms/{realm_name}/account/password

with hard coded attributes and values

{
    'password': 'somepasswd',
    'password-new': 'someNEWpasswd',
    'password-confirm': 'someNEWpasswd',
    'stateChecker': '<token copied and pasted from keycloak>',
}

is working!

like image 465
Second2None Avatar asked Feb 09 '23 14:02

Second2None


2 Answers

My advice would be to overwrite the keycloak theme (check this out: http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/themes.html).

You can extend and modify the existing forms to look like the rest of your application.

like image 181
lisa p. Avatar answered Feb 13 '23 07:02

lisa p.


Finally I ended up with an own implementation of a rest endpoint using keycloaks admin rest api.

Building an own theme could be a solution too, as Lisa stated.

like image 34
Second2None Avatar answered Feb 13 '23 05:02

Second2None