Keycloak: How to create readonly attributes for a user

I'm new to Keycloak.
I want to make a few attributes of a user readonly (even for the admin user).
So far I have been able to create attributes but didn't find an option to change them into readonly attributes.
I tried several ways but nothing worked well for me. Any help regarding this will be highly appreciated.

I'm having a similar problem (I want birthdate, firstname and lastname imported from an IDP to be readonly). My solution is to store the attribute with a different name.
For example, if I want my birthdate to be readonly, I store the value in attribute birthdate_readonly and I set the client's mapper for birthdate to send birthdate_readonly attribute's value.
In fact birthdate_readonly can be overwritten but at least it is hidden.
If anyone has a true solution to make the attribute readonly, I'll be glad to know. Maybe with SPI or authentication flow scripts :/

Related

Keycloak email custom theme, get user ID

I'm creating a custom theme for emails on Keycloak and I need to get the ID of the user who asks for a password reset. I can get the username, the first name etc. by user.getUsername(), user.getFirstName(), but I can't get the ID. I tried user.getUserId, user.getId, user.getID... but I always get an error. Can anybody help me?
Thanks

Unfortunately, the id is not available out of the box. The user attribute is an instance of ProfileBean. You can only use the properties of that class.
You will need to either find a way to map it into an attribute or write a custom EmailTemplateProvider.

REST API User Resource and its Password

I'm still learning REST API principles and this one still confuses me. The password inside the User resource is private and of course cannot be placed in a response, while sometimes we need to get user data for public (e.g. when someone is seeing someone else's user page). How do we handle this based on REST API principles? Should I remove the password inside the response before sending it?

Yes, you should not return the password in the response. I would suggest you create two DTOs:
UserInputDTO: This contains the password and other values.
UserOutputDTO: Here you have only those fields which are useful for the output, and we can exclude the password field and fields related to your internal implementation.
If your input and output look the same, then you can add the JsonIgnore annotation on the password field.
If by removing you meant setting it to null, then the user can still see the field name password, and if at any time you forget to set it to null then it will be a security issue. To solve this issue, you can use the JsonIgnore annotation.
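
The two-DTO approach from the answer above, as an added example that is not part of the original answer. It assumes Jackson 2.x on the classpath; `UserEntity`, `toOutput` and the sample JSON are constructed for illustration. The input password uses `WRITE_ONLY` access so it is read from requests but never serialized.

```java
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;

public class UserDtoExample {

    // Request body: the only type that ever carries the plaintext password.
    static class UserInputDTO {
        public String username;
        public String email;
        // WRITE_ONLY: accepted when reading JSON, never written back out,
        // even if this object is serialized by mistake.
        @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
        public String password;
    }

    // Response body: an explicit allow-list of public fields only.
    static class UserOutputDTO {
        public final long id;
        public final String username;
        UserOutputDTO(long id, String username) {
            this.id = id;
            this.username = username;
        }
    }

    // Hypothetical persistence entity; internal fields stay out of responses.
    static class UserEntity {
        long id;
        String username;
        String email;
        String passwordHash;
    }

    // Copy only what the public view needs; new entity fields are not exposed
    // unless someone adds them to UserOutputDTO on purpose.
    static UserOutputDTO toOutput(UserEntity e) {
        return new UserOutputDTO(e.id, e.username);
    }

    public static void main(String[] args) throws Exception {
        ObjectMapper mapper = new ObjectMapper();
        // Constructed sample request body.
        String body = "{\"username\":\"alice\",\"email\":\"alice@example.test\","
                    + "\"password\":\"constructed-sample\"}";
        UserInputDTO in = mapper.readValue(body, UserInputDTO.class);
        UserEntity e = new UserEntity();
        e.id = 1; e.username = in.username; e.email = in.email;
        e.passwordHash = "<output of your password hasher>"; // placeholder
        System.out.println(mapper.writeValueAsString(toOutput(e)));
        System.out.println(mapper.writeValueAsString(in)); // password omitted
    }
}
```

A plain `@JsonIgnore` on a shared DTO's password field removes the property in both directions, so the password would also be dropped from incoming requests; `WRITE_ONLY` is the setting to use when one class serves both input and output.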

Either / Or "Optional" Required Fields in Zapier

I am making an Action in Zapier for my app.
I have two fields where only one needs to be filled.
E.g.: the user can enter either the email or the phoneNumber, but not both.
So I can't use the 'Required' attribute because it will ask the user to enter both.
I couldn't find a solution in the Zapier documentation either.
Kindly help.
Thanks

David from the Zapier Platform team here.
The best way to do this is to mark neither field as required, but include help text for each field that mentions that either one or the other is needed.
Then, before you make your request, verify that a || b is true. If it's not, throw an error telling the user they have to supply either.
Hope that clears it up!

FOSUserBundle ProfileFormType -> create different form

I'm on a Symfony project (v2.5) and I'm using FOSUserBundle & OAuth for the login/sign-in.
My problem is: I have different types of users, some of which have more information to edit in /profile/edit. That's why I'm trying to find a simple way to get the user's information to do a condition in the form builder. With one attribute I'm able to know which type of user I have and which form they need.
After a lot of research I found this: https://github.com/PUGX/PUGXMultiUserBundle/blob/master/Resources/doc/index.md
but that doesn't seem to be the best for my little problem.
Best regards,

Thanks for replying.
I've found a way (nasty but working).
Before creating the form, I have access to the user, so I set the attribute in the session, catch the attribute in the builder, then unset the session.

Ektron user change password?

I have an Ektron client with Ektron installed. They would like to add the functionality to change a password to something they want. Do I need to be concerned with the Ektron part or just go ahead and make my edit?
Is there an easy way to do that? Any links to information would be greatly appreciated.

If you're talking about Ektron CMS400 Membership Users, you can use the Web Service Method:
User.ResetMembershipUserPassword
If you're trying to set it for regular CMS400 users, you're out of luck. The administrator will need to reset their password (if they've forgotten it) and the user will need to log back in to the workarea and change their password there.
UPDATE
That method resets the password to a random value. To set the password to a desired value, you'll have to use:
Ektron.Cms.BusinessApi.dll
Ektron.Cms.UserAPI.ResetMembershipUserPassword(string Username,
string oldPassword,
string newPassword)