mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-21 06:20:05 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
8909d3578f429011bef6bb2c5a47678231933dab
keycloak/docs/documentation/release_notes/topics/26_1_3.adoc
rmartinc 6850f41060 Force login in reset-credentials to federated users 
Closes #37207

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-02-12 13:47:39 -03:00

5 lines
926 B
Plaintext
Raw Blame History

= Send Reset Email force login again for federated users after reset credentials
In <<keycloak-26-1-1, version 26.1.1>> a new configuration option was added to the `reset-credential-email` (*Send Reset Email*) authenticator to allow changing the default behavior after the reset credentials flow. Now the option `force-login` (*Force login after reset*) is adding a third configuration value `only-federated`, which means that the force login is true for federated users and false for the internal database users. The new behavior is now the default. This way all users managed by user federation providers, whose implementation can be not so tightly integrated with {project_name}, are forced to login again after the reset credentials flow to avoid any issue. This change in behavior is due to the secure by default policy.
For more information, see link:{adminguide_link}#enabling-forgot-password[Enable forgot password].
Reference in New Issue View Git Blame Copy Permalink