Update email address process

Hello,
we integrated the Keycloak workflow for changing the email address (email as username) into our application. That means that after changing the email address it will be changed right away. Only after the next login (with the new email address) will you see the “email verified” page.

We would like to change this workflow to:
change email address -> get email to verify email change via link -> click link -> show “email verified” page

I could not find any information regarding the email change process in the documentation and the admin console. Is there any possibility to modify the process?

8 Likes

Yes, this is a big security issue, as a user can impersonate someone else because of this missing email verification.

1 Like

Hi,

Did you find anything new about this?

Regards,

Dan

This leads to another problem: If the user makes a typo and accidentally enters a wrong email address, he will not be able to log in again.

The process is useless after all. Or have I overlooked something?

Has anyone worked this out? It is a problem for me too.

We have the same problem, this makes the email change process unusable for us.

Same issue here, need to verify email when changing to a new one.

There is a ticket in the JBoss issue tracker for email verification on email change. According to this ticket, this functionality is expected in Keycloak v15.0.0. However, the PR is still open at the moment. Stay tuned :wink:

1 Like

We have the same concern: changing the email before verification happens is not user friendly. A typo in the email address will make it impossible to log in and will require contacting support (admin) for an email adjustment.
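The workflow requested in this thread (change request, verification link, commit only after the click), as an added sketch that is not from any poster and is not Keycloak code. `Account`, `request_email_change`, `confirm_email_change`, the secret and the one-hour lifetime are all hypothetical names and values chosen for illustration.

```python
import hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: server-side signing key (constructed)
TOKEN_TTL = 3600                  # assumption: verification link lifetime in seconds

class Account:
    def __init__(self, user_id, email):
        self.user_id = user_id
        self.email = email         # verified address, used as the login name
        self.pending_email = None  # requested address, not yet verified

def _sign(user_id, new_email, expires):
    # JSON encoding keeps the signed fields unambiguous (no delimiter tricks).
    msg = json.dumps([user_id, new_email, expires]).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def request_email_change(account, new_email, now=None):
    """Record the request only; the login email stays unchanged."""
    now = int(time.time() if now is None else now)
    account.pending_email = new_email.strip().lower()
    expires = now + TOKEN_TTL
    # The token goes into the link that is mailed to the NEW address.
    return f"{expires}.{_sign(account.user_id, account.pending_email, expires)}"

def confirm_email_change(account, token, now=None):
    """Link clicked: commit only if the token matches the pending request."""
    now = int(time.time() if now is None else now)
    try:
        expires_s, sig = token.split(".", 1)
        expires = int(expires_s)
    except ValueError:
        return False
    if account.pending_email is None or now > expires:
        return False
    expected = _sign(account.user_id, account.pending_email, expires)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False
    # Single use: clearing pending_email makes a replayed link fail.
    account.email, account.pending_email = account.pending_email, None
    return True
```

Because the old address stays the login name until the link is used, a mistyped address never locks the user out, and an address the requester does not control is never attached to the account.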