Menu
When a user is created through the Keycloak admin console, is there a way to notify a user via email that a profile has been created and the user can finish registration following by a link? Currently, the user can get an email about profile being created only if after creation a password had been set for the user. And only after an initial login attempt. But for this login attempt, the user should know the password that was set.
919
I accomplished the same thing by customizing the keycloak theme templates for the emails sent and for the login pages. Here's the Keycloak docs on how to customize the themes.
Here's the specifics of how I did it:
First, I customized the executeActions.ftl email template to be pretty and say "welcome to our application, click the link below to finish setting up your account". I continued to use the link and link expiration note from the default base template. You can see the default base template at https://github.com/keycloak/keycloak/blob/master/themes/src/main/resources/theme/base/email/html/executeActions.ftl
Second, we decided what standard keycloak actions would be "required" for new users. We decided that to finish registration, users would be required to do these actions:
Third, we setup our Keycloak realm to require all users go through the 3 steps.
In the Keycloak admin console, we set these up as "Required" actions (under Configure-->Authentication-->Required Actions), marking the "Terms and Conditions", "Update Profile" and "Update Password" actions as "Enabled" and "Default Action". We also put these actions in the exact order that we wanted them to appear in the "account setup" process that the user would go through screen by screen. For the other actions, we unchecked Default Action.
Fourth, I customized the following keycloak login templates that render the account setup pages. The keycloak-generated link that was embedded in the executeActions email (from step 1) will take the user to these "account setup" web pages:
<!-- info.ftl -->
<#import "template.ftl" as layout>
<@layout.registrationLayout displayMessage=false; section>
<#if section = "header">
<#if messageHeader??>
${messageHeader}
<#else>
<#if message.summary == msg('confirmExecutionOfActions')>
${kcSanitize(msg('welcomeToOurApplication'))?no_esc}
<#elseif message.summary == msg('accountUpdatedMessage')>
${kcSanitize(msg('accountSuccessfullySetup'))?no_esc}
<#else>
${message.summary}
</#if>
</#if>
<#elseif section = "form">
<div id="kc-info-message">
<div class="kc-info-wrapper">
<#if message.summary == msg('confirmExecutionOfActions')>
${kcSanitize(msg('startSettingUpAccount'))?no_esc}
<#elseif message.summary == msg('accountUpdatedMessage')>
${kcSanitize(msg('accountIsReadyPleaseLogin'))?no_esc}
<#else>
${message.summary}
</#if>
</div>
<#if pageRedirectUri??>
... <!-- Omitted the rest because it's the same as the base template -->
I also customized the following templates, that correspond to steps in the account setup process.
Fifth, when the administrator creates a new user, he/she triggers the welcome email being sent to the user: - In the Keycloak admin console, once you "Add" a new user, go to that user's "Credentials" tab, and under Credential Reset select the account setup actions required under "Reset Actions" and then click the "Send email" button.
Anyway, I hope this helps. I remember it taking me a little while to figure out because it is not a standard flow within keycloak.
199
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
