KeyCloak: how to send out email verification email, but not require it for logon

About

Asked 3/10, 2017 at 19:48 Answered 3/10, 2017 at 19:48

keycloak user-registration email-verification

I'm configuring Keycloak email verification for my website. I found the settings to require email verification for signups but that doesn't fit my use-case.

My website can be used without verified email, but some functions may be disabled. So when a user registers, I would like to send email verification emails but the user should logon regardless of actual verification. When a user chooses a function in the site that requires verified email, I want to have a link to resend the verification email.

I think this is not possible with the standard Keycloak features. I'm not sure how to go about implementing this. Perhaps it is possible with a custom SPI or API? I'm not very proficient with Java and JBoss but with some good examples and pointers I could give it a try to implement it.

How to make this work? Any help is welcome.

Backer answered 3/10, 2017 at 19:48 Comment(5)

did you ever figure out a way to do this? – Esme 27/9, 2018 at 13:42

I couldn't find a way to do it using Keycloak directly. I also couldn't find a way to implement it using a custom SPI. It is quite problematic. – Backer 1/10, 2018 at 14:5

The only way that I can think of is to disable email verification and then implement verification in your application. Send the verification email after sign up has completed and check the verification status manually. There are several difficulties with this approach as well. For instance, the API for sending the verification email is not very adequate. Getting feedback of the verification isn't easy as well. And then there's handling of changing email addresses. But I think it is the only way. – Backer 1/10, 2018 at 14:13

For anyone also coming across this issue, Keycloak's API has likely matured since 2018 and it's worth checking out there docs: keycloak.org/docs-api/5.0/rest-api/index.html At least for my case, the redirectUri parameter suffices for perform some actions once the email was verified. – Fanfaronade 30/6, 2020 at 23:2

Ok, I take my words back. @Backer is absolutely right, the email verification API is a mess ... Tried it today and (besides from all the other problems barney mentioned) you e.g. can't use your email verification templates. – Fanfaronade 2/7, 2020 at 20:42

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags