keycloak: invitation workflow #17

Closed
opened 5 months ago by thommie · 3 comments
Owner

https://github.com/RedFroggy/keycloak-registration-invitation does not work/not compatible to latest kc

https://github.com/RedFroggy/keycloak-registration-invitation does not work/not compatible to latest kc
thommie added the
enhancement
label 5 months ago
Poster
Owner

I think you've got two options to implement it:

First

You know the e-mail of the destination user before sending the invitation, so you would let the admin create a user in keycloak with the e-mail itself as the username. Then the admin should check 'Verify e-mail', 'Update profile' and 'Update password' as required actions, so keycloak will send an activation mail (you can customize the e-mail template) and user will be required to fill his data and set a password.

If you don't want the admin to access keycloak directly, you could do it via the user management API.

Second

Implement this logic in your application. Write a user data form which is publicly accessible using a code (it might be some UUID). When admin sending the invitation mail, link a random code to the address, so when user enters the page, you can verify it. Then you'll need to save the data in keycloak as a new user, using the user management API.

I think you've got two options to implement it: ## First You know the e-mail of the destination user before sending the invitation, so you would let the admin create a user in keycloak with the e-mail itself as the username. Then the admin should check 'Verify e-mail', 'Update profile' and 'Update password' as required actions, so keycloak will send an activation mail (you can customize the e-mail template) and user will be required to fill his data and set a password. If you don't want the admin to access keycloak directly, you could do it via the user management API. ## Second Implement this logic in your application. Write a user data form which is publicly accessible using a code (it might be some UUID). When admin sending the invitation mail, link a random code to the address, so when user enters the page, you can verify it. Then you'll need to save the data in keycloak as a new user, using the user management API.
Poster
Owner

Workflow:

  • Admin legt Konto mit E-Mail als Username
  • Required user actions: 'Verify e-mail', 'Update profile' 'Update password'
  • Keycloak versendet Aktivierungs-Mail
  • User muss sich anmelden, Daten eintragen und das Passwort aktualisieren
Workflow: - Admin legt Konto mit E-Mail als Username - Required user actions: 'Verify e-mail', 'Update profile' 'Update password' - Keycloak versendet Aktivierungs-Mail - User muss sich anmelden, Daten eintragen und das Passwort aktualisieren
thommie added
test
and removed
enhancement
labels 5 months ago
Poster
Owner
  • done
  • do not use "update profile", only verify e-mail and update password
- done - do not use "update profile", only verify e-mail and update password
thommie added the
done
label 4 months ago
thommie closed this issue 4 months ago
thommie added this to the Issues project 3 months ago
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

No dependencies set.

Reference: thommie/issues#17
Loading…
There is no content yet.