The default way to update a user's password in #Keycloak doesn't necessarily force the user to enter his/her current #password. This video shows how you can force a user to re-#authenticate (i.e. enter the current password) before any required action. It's as simple as implementing a few lines of code.
ATTENTION: What I'm showing in my video is now natively possible in Keycloak through the proper password policy!
📖 Chapters:
0:00 - Intro
0:35 - Default behavior to update a password
1:27 - Code example of overwritten default required action
3:25 - Demo of custom required action with enforcing re-authentication
3:52 - Some additional hints
5:17 - Outro
🔗 Links:
📌 Demo Code of the shown example action: https://github.com/dasniko/keycloak-extensions-demo/blob/main/requiredaction/src/main/java/dasniko/keycloak/requiredaction/UpdatePassword.java
---
I'm Niko - and I'm a Keycloak Expert and an independent freelance software consultant, developer and trainer.