Setting required action on new keycloak user account

Figured out what was up.

Keycloak has an enum to represent various user actions:

public static enum RequiredAction {
    VERIFY_EMAIL, UPDATE_PROFILE, CONFIGURE_TOTP, UPDATE_PASSWORD, TERMS_AND_CONDITIONS
}

So the value should be "UPDATE_PASSWORD" not "Update password"

Now in Keycloak 8.x you can use

UserResource.toRepresentation().setRequiredActions(...);

to manually trigger an action like "verify email" after changing the loginname.

To find out all the possible required actions aliases, export your targeted realm as json from the admin interface. In the json you will find the "requiredActions" array in which all the legal actions are listed like so:

 "requiredActions": [
    {
      "alias": "CONFIGURE_TOTP",
      "name": "Configure OTP",
      "providerId": "CONFIGURE_TOTP",
      "enabled": true,
      "defaultAction": false,
      "priority": 10,
      "config": {}
    },
    {
      "alias": "terms_and_conditions",
      "name": "Terms and Conditions",
      "providerId": "terms_and_conditions",
      "enabled": false,
      "defaultAction": false,
      "priority": 20,
      "config": {}
    },

Just use the string under the "alias" tag when setting the list of required actions in the code.

Setting required action on new keycloak user account

Tags:

Keycloak

Related

Recent Posts