I'm building an AngularJS application protected by Keycloak. Each user should update his password within his user profile.
Calling the Keycloak API for password
GET /auth/realms/{realm_name}/account/password
returns HTML content from Keycloak. I would like to build my own form to update a user's password.
In the Keycloak documentation I found
POST /auth/realms/{realm_name}/account/password
which requires the attributes
{
'password' => user's current password
'password-new' => new password
'password-confirm' => new password again
'stateChecker' => token from keycloak
}
Calling
POST /auth/realms/{realm_name}/account/password
without the 'stateChecker' attribute causes an error. This attribute is needed.
So here are my questions:
stateChecker
from keycloak for the logged in user (in Keycloak it's in a hidden input field)?Thanks in advance.
Note:
Calling:
POST /auth/realms/{realm_name}/account/password
with hard coded attributes and values
{
'password': 'somepasswd',
'password-new': 'someNEWpasswd',
'password-confirm': 'someNEWpasswd',
'stateChecker': '<token copied and pasted from keycloak>',
}
is working!
My advice would be to overwrite the keycloak theme (check this out: http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/themes.html).
You can extend and modify the existing forms to look like the rest of your application.
Finally I ended up with an own implementation of a rest endpoint using keycloaks admin rest api.
Building an own theme could be a solution too, as Lisa stated.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With