Keycloak, not returning access token if update password action selected

keycloak keycloak-services
22,989

Solution 1

If you mark the password as temporary a user action to update password is marked as required.

And until the password has been updated/set by the user i.e. this action has been completed, you won't be able to get an access token using this user since the account is not "fully setup" and is in a kind of intermediate state where an action is required to complete the setup.

Solution 2

If you want to update the password then update it and do not mark it temporary, If you mark temporary then after that just remove the update password from Required Actions box.

Share:
22,989

Related videos on Youtube

Shailesh Narkhede
Author by

Shailesh Narkhede

Updated on July 09, 2022

Comments

  • Shailesh Narkhede
    Shailesh Narkhede almost 2 years

    I am calling /auth/realms/master/protocol/openid-connect/token to get access token by sending below content in body, grant_type=password&client_id=example-docker-jaxrs-app&username=user&password=password&client_secret=1d27aedd-11c2-4ed2-97d5-c586e1f9b3cd

    but when I put update password as required action to user from keycloak admin console getting following error when try to get token by above mentioned api,

    {
    "error": "invalid_grant",
    "error_description": "Account is not fully set up"
}

    one more thing, What is difference in 2 setting, Temporary password and Update password Required action ?

    Temporary flag here in users credential tab

    Update password as required action in user details tab

  • Shailesh Narkhede
    Shailesh Narkhede about 7 years
    Thanks for reply, then how can somebody validate username/password first time. I do not want to user keycloak screen I have our own login page, and we are using /token api for validateing username/password.
  • ritesh.garg
    ritesh.garg about 7 years
    You can avoid marking the password as temporary. No required action will be added to the user profile and the credentials can be used to get a token
  • Aliy
    Aliy about 5 years
    @ShaileshNarkhede have you found any solution ? if yes, would you mind to share it with us))? thanks in advance
  • Shailesh Narkhede
    Shailesh Narkhede about 5 years
    as said in above comment, do not mar password as temporary, then updateAction will not get added and access token is returned.
  • Abdelmjid EL KIHEL
    Abdelmjid EL KIHEL over 2 years
    thank you your solution fixed my issue

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Keycloak Angular 2 - Check authenticated status Keycloak object
Keycloak REST API 403 forbidden
How to get userinfo in springboot using keycloak?
KeyCloak : No 'Access-Control-Allow-Origin' header is present on the requested resource
Didn't find publicKey for kid ,Keycloak?
Generate JWT Token in Keycloak and get public key to verify the JWT token on a third party platform
Avoid keycloak default login page and use project login page
Keycloak Invalid token issuer
Flutter appauth Invalid parameter: redirect_uri
Authenticate flutter app with keycloak and openid_client