How to update password via keyclaok admin rest api by execute-actions-email

Question

I am trying to trigger the password-reset process in keycloack, such that the user receives an email to set a new password. Unfortunately I always get 400 response with

com.fasterxml.jackson.databind.JsonMappingException: Can not deserialize instance of java.util.ArrayList out of START_OBJECT token at [Source: io.undertow.servlet.spec.ServletInputStreamImpl@89719e69; line: 1, column: 1]

I call keycloak on described api: "PUT /admin/realms/{realm}/users/{id}/execute-actions-email" with following object:

{"actions":["UPDATE_PASSWORD"]}

see: http://www.keycloak.org/docs/rest-api/index.html#_send_a_update_account_email_to_the_user

user2451418 · Accepted Answer · 2017-02-08T15:16:50.847

12

Solution: Use only ["UPDATE_PASSWORD"] as body for your request and it works...

an in java: Entity.json("[\"UPDATE_PASSWORD\"]");

edited Feb 08 '17 at 15:16

answered Feb 08 '17 at 13:33

user2451418

1,387
4
15
27

can we change the email template in Keycloak while sending an update password email? – Dreamer Mar 25 '19 at 14:12
@Dreamer please refer https://stackoverflow.com/questions/30057786/keycloaks-freemarker-email-template – GoutamS Dec 31 '21 at 05:41

score 2 · Answer 2 · answered May 21 '18 at 07:29

For all those who want to write REST call for execute-actions-email, here is the working code snippet -

CloseableHttpClient httpclient = HttpClients.createDefault();
AccessTokenResponse accessTokenResponse = authzClient.obtainAccessToken(adminUserName, adminPassword);
String urlResetPassword = keyCloakURL+"/admin/realms/"+realmName+"/users/"+userId+"/execute-actions-email";
HttpPut putRequest = new HttpPut(urlResetPassword);
accessTokenResponse = authzClient.obtainAccessToken(adminUserName, adminPassword);
putRequest.addHeader("Authorization", "bearer "+accessTokenResponse.getToken());
putRequest.addHeader("content-type", MediaType.APPLICATION_JSON);
putRequest.setHeader("Accept", MediaType.APPLICATION_JSON);
StringEntity jSonEntity = new StringEntity("[\"UPDATE_PASSWORD\"]");
putRequest.setEntity(jSonEntity);
CloseableHttpResponse response = httpclient.execute(putRequest);

Thanks.

score 2 · Answer 3 · answered Dec 18 '20 at 06:22

2

Correct Request will be as below.

URL:http://{{HOSTNAME}}:{{PORT}}/auth/realms/{{REALM_NAME}}/users/{{USER_ID}}/execute-actions-email
HTTP-METHOD: PUT
BODY: ["UPDATE_PASSWORD"]
HEADERS: AUTHORIZATION BEARER {{TOKEN-GOES-HERE}}

answered Dec 18 '20 at 06:22

Alok Deshwal

1,128
9
20

Hi @Alok Deshwal, in the above request {{USER_ID}} is the username or email used to login to the account or is it the keycloak user-id? – Mohammed Idris Sep 03 '21 at 08:42
@MohammedIdris it's an auto-generated keycloak id for any user – Alok Deshwal Sep 03 '21 at 11:05
Thanks @Alok Deshwal, how do I determine an admin user for the realm? I am currently getting 401 Unauthorized exception when I try it in postman. http://localhost:9080/auth/admin/realms/msme/users/954f837d-b367-4ccd-85f0-e8971688d394/execute-actions-email – Mohammed Idris Sep 03 '21 at 11:19
I got the token from same realm using client id and secret and password credentials – Mohammed Idris Sep 03 '21 at 11:41

How to update password via keyclaok admin rest api by execute-actions-email

3 Answers3