I am working on a PasswordPolicyProvider SPI intended to implement a minimum-password-lifetime. My issue is that I don’t want “admin” users to be restricted by this SPI when resetting a user’s password. Is there a way to extract some info about the user triggering the password reset from the KeycloakSession object? I was also thinking that if I could restrict the enforcement of this SPI by checking whether the password is intended to be temporary, which only an “admin” would be able to set, but I can’t seem to get find that flag either.