Keycloak, not returning access token if update password action selected
Solution 1
If you mark the password as temporary a user action to update password
is marked as required.
And until the password has been updated/set by the user i.e. this action has been completed, you won't be able to get an access token using this user since the account is not "fully setup" and is in a kind of intermediate state where an action is required to complete the setup.
Solution 2
If you want to update the password then update it and do not mark it temporary, If you mark temporary then after that just remove the update password from Required Actions box.
Related videos on Youtube
Shailesh Narkhede
Updated on July 09, 2022Comments
-
Shailesh Narkhede almost 2 years
I am calling
/auth/realms/master/protocol/openid-connect/token
to get access token by sending below content in body,grant_type=password&client_id=example-docker-jaxrs-app&username=user&password=password&client_secret=1d27aedd-11c2-4ed2-97d5-c586e1f9b3cd
but when I put update password as required action to user from keycloak admin console getting following error when try to get token by above mentioned api,
{ "error": "invalid_grant", "error_description": "Account is not fully set up" }
one more thing, What is difference in 2 setting, Temporary password and Update password Required action ?
-
Shailesh Narkhede about 7 yearsThanks for reply, then how can somebody validate username/password first time. I do not want to user keycloak screen I have our own login page, and we are using /token api for validateing username/password.
-
ritesh.garg about 7 yearsYou can avoid marking the password as temporary. No required action will be added to the user profile and the credentials can be used to get a token
-
Aliy about 5 years@ShaileshNarkhede have you found any solution ? if yes, would you mind to share it with us))? thanks in advance
-
Shailesh Narkhede about 5 yearsas said in above comment, do not mar password as temporary, then updateAction will not get added and access token is returned.
-
Abdelmjid EL KIHEL over 2 yearsthank you your solution fixed my issue