Password reset for federated user

Kalyan Dasika

Jun 29, 2021, 5:17:11 PM
to Keycloak User
Hi,

I'm running into an issue with the password reset use case in Keycloak for a federated user.

The reset password workflow works well till the point where I submit an updated password for the federated user.

I implemented the CredentialInputUpdater interface, and in the updateCredential method I have the logic to update the password in the external database for the federated user. The update works as well. But in the UI there is an error message "Internal Server occured", and in the logs I see this:

14:07:56,096 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-22) Uncaught server error: org.keycloak.storage.ReadOnlyException: user is read only for this update
    at org.keycloak.storage.adapter.AbstractUserAdapter.removeRequiredAction(AbstractUserAdapter.java:78)


How can I override this last step? I know this is a read-only user, but since I'm managing the external persistence of the updated password, why does Keycloak think that I'm making changes to the user locally?


Any ideas or suggestions are highly appreciated.

- Kalyan

Kalyan Dasika

Jun 29, 2021, 5:40:21 PM
to Keycloak User
I just want to clarify that the reset password functionality works end-to-end except for that UI error. If I close that erroneous page and try to log in with the updated password, it works.

Kalyan Dasika

Jun 29, 2021, 8:07:35 PM
to Keycloak User
I figured this out by overriding the removeRequiredAction and checking for UPDATE_PASSWORD action type. It's all working now.
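
The override described in the last post could look like the following. This is an added example, not code from the thread or from the Keycloak project, written against the AbstractUserAdapter class named in the stack trace. The class name ExternalDbUserAdapter and its username field are hypothetical, it assumes the adapter keeps no required actions of its own, and newer Keycloak releases may require further methods to be implemented.

```java
import org.keycloak.component.ComponentModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.storage.adapter.AbstractUserAdapter;

// Hypothetical read-only adapter for a user held in an external database.
public class ExternalDbUserAdapter extends AbstractUserAdapter {

    // Assumption: the storage provider loads this from the external store.
    private final String username;

    public ExternalDbUserAdapter(KeycloakSession session, RealmModel realm,
                                 ComponentModel storageProviderModel, String username) {
        super(session, realm, storageProviderModel);
        this.username = username;
    }

    @Override
    public String getUsername() {
        return username;
    }

    // AbstractUserAdapter rejects this call with ReadOnlyException.
    // Only UPDATE_PASSWORD is accepted, as a no-op: the new password has
    // already been written to the external store by
    // CredentialInputUpdater.updateCredential, and (by assumption) this
    // adapter stores no required actions, so there is nothing to remove.
    @Override
    public void removeRequiredAction(String action) {
        if (UserModel.RequiredAction.UPDATE_PASSWORD.name().equals(action)) {
            return;
        }
        // Every other required action keeps the read-only behaviour.
        super.removeRequiredAction(action);
    }

    // Same rule for the enum overload, so both entry points agree.
    @Override
    public void removeRequiredAction(UserModel.RequiredAction action) {
        if (action == UserModel.RequiredAction.UPDATE_PASSWORD) {
            return;
        }
        super.removeRequiredAction(action);
    }
}
```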