Set up password after email verification

Hey there,

I was wondering if there is any way to setup a registration process that only asks for a password after the email has been confirmed:

  1. user registers with email only
  2. user receives verification email
  3. verification email takes user to update password form

I’m sure I can implement this via the API, but I’d prefer a keycloak only solution. Looking forward to your suggestions

I don’t think there’s a way to do it with keycloak defaults. I believe you’d have to customize RegistrationProfile and RegistrationUserCreation in the registration flow to create a user without a password. Then add verify email and update password required actions.

Sorry for digging up relatively old thread, but I’ve got a quick question to @lordvlad. Have you managed to set up email only registration? It is crucial requirement for me, and I am wondering whether it is doable. Thanks :slightly_smiling_face:

Quite sure its doable, but I did not tackle that issue, instead we pivoted and adapted the requirement. But seeing what’s doable using a variety of Keycloak SPIs in other places, I’m sure its doable.