Why is your application messing with the users credentials?
If you decide to use Keycloak and OIDC/SAML, then the App should not be involved in managing user credentials. That is keycloaks job.
That would violate the separation of concern, the further you can get the app away from the users credentials the better. You could redirect them to the corresponding option in the account console or have a generic “manage account” link to the account console.
Just for updating the password, there’s the required action responsible for that.
You can create a direct link to that action using e.g. this approach:
Thank you very much.
I think that´s exactly what I need.
The only issue which i have:
I would like to have that the user needs to enter always a password. How can I change the time from 5 minutes to 30 seconds e.g. ?