I am getting Page has expired page on trying to do multiple clicks on Forgot Password after adding username.
Flow is as follows:
- On clicking "Forgot Password?" from Login screen.
- It redirects to "Forgot Your Password?" screen, where it accepts username and
allow us to submit the form.
- Shows "Page has expired" screen with two options:-
To restart the login process Click here.
To continue the login process Click here.
There are 2 issues:
1. Not sure why its taking user to Page has expired page.
2. The redirected page has CSS issues. Refer attached screenshot.
Is there anything wrong with my Keycloak configuration? I am using 6.0.1 version of keycloak
Advice: Use always new version of keycloak (currently 10.x)
I guess it is related with token nature (expired). As I see your reset-password template is broken. There are some crucial variables and conditions in this template.
Related
I have developed an SAML application which only uses Microsoft as IDP for successful login and logout of specific users. So after logout, I want Microsoft to redirect me to the website I have configured in the Logout URL of MyApplication in Azure Active Directory. The log-in functionality works everytime but when I logout in presence of only one Microsoft Signed-In account, it logouts perfectly and redirects me to the website I specified. I am facing the issue when I am asked to choose account to logout from a set of accounts (refer Image) of which when I select the configured account, it log me out perfectly but is unable to redirect me to my specified page. The page gets stuck on "You signed out of your account It's a good idea to close all browser windows." (refer Image). Thus I want to be redirected to the specified page when I am asked to select an account while logging out.
Logout Issue Redirect Image reference
Logout Issue Redirect Image reference
This is a known bug in this library.
Here are some alternatives.
You can use silent logout.
The post logout redirect isn't expected after calling logout. This could be a timing issue.
You can achieve a 'clean' logout by opening a new window and calling logout from there. Then a user is left with an extra open window; but at least they've retained a view of the app and it hasn't lost state.
In my application I have a link that redirects to the user's account page on the Keycloak server.
In this page the user can update his personal information.
The problem is that after entering his account page the user has no way to get back to the application.
There's a way to let the user get back without editing the page theme?
I found the answer by looking at the freemaker template.
In my case I had to:
Set the application URL in the Base URL option in the Keycloak client settings.
Append the parameter ?referrer=<Client ID> on the URL that links to the user profile page.
ie http://127.0.0.1:8080/auth/realms/<realm>/account?referrer=<Client ID>
With these two settings the link to go back to the application will be visible.
I have created a website that allow user use facebook login system to regist and login. The system runs good. It can use single sign-on to login the system, so the user does not need to input the username and password --- until yesterday.
One of teammate find that he stucked in the login system, and the single sign-on does not function anymore. The user need to input account detail whatever they have login facebook or not. The most funny thing is, after the user login in facebook login system, it does not redirect the user to the "next" url or redirect them to facebook.com (mostly this means login system setting had eror). It just stuck in the facebook server with empty blank page.
This is the link what I stuck in....
https://www.facebook.com/login.php?login_attempt=1&fbconnect=1&display=page&next=(next url)&req_perms=publish_stream%2Cread_stream%2Cemail%2Cuser_photos&legacy_return=1
without session code, and does not have any reply.
I want to know if I have set something wrong...
Use of legacy_return was deprecated almost a year ago with the migration to OAuth2, and the endpoints were finally shut down today. Please update your integration per https://developers.facebook.com/docs/concepts/login/
I am stuck trying to use the authenticated referrals section in the Auth Dialog section of the app developer. I have setup setup my app, and I have some code to login, and perform some checks, but whenever the authorize app screen appears, the data I entered into the Authenticated Referrals Section is never shown, I only see the "The App will receive: Your basic data."
I have tried disabling and re-enabling the Enhanced Auth Dialog under the Advanced section of the app, have tried clearing my cache, and even resetting my secret key. I've browsed plenty of sites/forums, but haven't found any solution. What am I missing?
Any suggestions would be great
Are you sure that the auth dialogs you're seeing are actually Authenticated Referral dialogs?
If you navigate to your app manually that's not an authenticated referral and your code needs to manually call the auth dialog - Authenticated Referrals appear when users click links to your app from requests, news feed stories, etc. - more info is in the documentation
If users are landing on your app and you're not directing them to the correct set of permissions in the auth dialog - see the Authentication docs to see how to proceed - basically you redirect them to the Auth dialog, with a scope parameter containing the permissions you need, then complete the auth flow when they come back to your app (how you do this depends on which SDK you use)
I have a website and I want users to register and login via Facebook connect. What I can't find out is how to FORCE a registration before logging in. I need all users in my database but it's possible to click the Facebook Login button without registering... I just don't get it, how do I FORCE a registration? Is there any good example on this?
Thanks for your help.
When you say you need all users in your database, what exactly do you mean?
With the facebook login button, you can still supply a redirect url after they authenticate for the first time and you can then capture their user_id, or potentially forward them to another page that has your own registration form. You could then have a flag in your database that indicates if they are a confirmed user (much like when you send email confirmations) that only gets set to true once they have submitted your extra form.
Check this flag on page load and forward them to your form if they haven't entered those details. Then control access to your site based on that flag.
Or are you saying you're trying to use the registration plugin https://developers.facebook.com/docs/plugins/registration/ but that isn't working correctly?