my question may be obvious but I didn’t find any easy solution for it.
I have a simple Single Page Application that uses Keycloak to authenticate users and use its JWT to access some Rest API. So far so good.
I create a list of users ( without email for some specific reason ) and I added some random password to each client that must be changed at first access. The problem is that I need to give a user the ability to reset its password in complete autonomy and whenever he wants without any admin intermediation.
I see some blog post that explains how API Rest can be used for a password reset but I would prefer not to do it over API because I’ll need to implement that on my own. My idea would be to give some access rights on each user which give them permission to enter in restricted Keycloak page and reset their own credentials.
Any suggestions or tips are welcome.
Thanks in advance