Hi Everyone,
Wanted to ask about Keycloak Policies. Recently, we added some policies on each of our realms.
For example we implemented:
-
Expire Password
-
Minimum Length
-
Special Characters
and so on…
And then we set our user’s required actions to “update password” for the policies to “take effect”
If ever we decide to remove the Expire password policy, do our users need to do something?
- Like we deleted the policy > will we need to let the users update their passwords again to remove the “expire password” duration on their accounts?
or
- If we remove the expire password policy, no user action required. Once it was removed regardless if the users have updated their passwords(again) or not the expired password duration was removed on the system. Meaning after “xx” days they will not be prompted to update their password since it has “expired”
Thanks