Require old password on change password (user account service)

Hi Guys,

I’m a new user of keycloak. I just want to ask on how to require the old password during update password on account (page)

Thanks

The built-in password update functionality doesn’t allow that. It would be possible to build a custom authenticator and replace that. Docs and files you would override are here:

https://www.keycloak.org/docs/latest/server_development/#_auth_spi

Or if you don’t need it on the same form you should be able to require the old password in a custom flow for credentials reset.

1 Like

Hi bpedersen2, How can I enable that? I think your solution is much more good on me because I don’t want to modify the source code.

Check Server Administration Guide and Server Administration Guide

1 Like

Hi for anyone who’s trying to solve this issue. I manage to fix it by changing the account theme.

keycloak server > realm > realm settings > themes > account theme

and use keycloak theme.