Access the user's typed password in plain text

immieszko · July 7, 2022, 2:25pm

Hello everyone,
I have quite an unusual problem/inquiry. Is it possible to access the user’s typed password in plain text for a specific client (possibly by modifying the flow Browser in Authentication)? Finally, I would like to achieve the state:

User logs in, types username, and password,
If the User logs in to a specific client, Keycloak takes his password (before destroying it in plain text) performs the action (probably defined by custom mapper (sth like hash function with more parameters) and returns the value as attribute is scope,
Does anyone have any suggestions on how to do this?

edewit · July 12, 2022, 9:22am

Wouldn’t that be very very insecure?

Topic		Replies	Views
Is this very unusual flow possible? (user/password in query parameters)	2	450	April 15, 2022
Is there any way to retrieve the password in keycloak Getting advice	2	305	March 3, 2023
Does reset password can be using keycloak url?	0	308	March 22, 2022
Send encrypted password to Keycloak REST API but user uses plaintext password on login authentication	0	786	April 17, 2023
Custom authentication using keycloak admin client Getting advice admin-rest , authentication	0	128	December 21, 2023

Access the user's typed password in plain text

Related Topics