Validate current password before updating to a new password in Keycloak using Spring Boot

Hi guys,
Assuming I’m logged into an application and have a Keycloak token, now I want to check if the entered password is correct before executing the password.
Please help me write this method in Java, I have tried searching on both Google and ChatGPT but have not found a solution.

I am assuming you are trying to do this using the Admin REST API.

An option is to initiate a login session with the username and password, and if it’s successful, you can return true, and false if otherwise.

But I have already logged in and have a JWT token. So this solution is not feasible.

I don’t think I understood your initial question. What do you mean by “before executing the password”?

Are you trying to implement a password change?

Yes, I will have two steps:

  1. Check if the current password is correct, assuming the user has already logged in.
  2. If step 1 passes, we will update the new password.

But I am stuck at step 1.

Okay. So my initial answer is feasible. I am aware user is logged in and already has a token, and that does not stop you from initiating another login session.

So here are my (hacky) recommended steps:

  1. Login the user
  2. User clicks change pass
  3. Ask for old pass
  4. Initiate a login session with username and password in some Java method that returns true if the password login session gets initiated successfully.
  5. Update password if true.
  6. Log out the user from all sessions because of password change

An alternative to this would be to just use account reset function which creates a new password without verifying old password but makes use of email verification.

2 Likes
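Step 4 of the answer above, sketched as an added example that is not part of the original thread: the old password is checked by sending a password-grant request to Keycloak's OpenID Connect token endpoint. The host, realm and the client `password-check-client` are placeholders, and the client is assumed to be a public client with direct access grants enabled.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Map;
import java.util.stream.Collectors;

public class CurrentPasswordVerifier {
    // Placeholders (assumptions): substitute your own Keycloak host, realm and client.
    private static final String TOKEN_URL =
        "https://keycloak.example.com/realms/myrealm/protocol/openid-connect/token";
    private static final String CLIENT_ID = "password-check-client";

    private final HttpClient http = HttpClient.newBuilder()
        .connectTimeout(Duration.ofSeconds(5)).build();

    // Builds the form body; every value is URL-encoded so '&' or '=' in a password is safe.
    static String formBody(String username, String password) {
        Map<String, String> form = Map.of(
            "grant_type", "password", "client_id", CLIENT_ID,
            "username", username, "password", password);
        return form.entrySet().stream()
            .map(e -> enc(e.getKey()) + "=" + enc(e.getValue()))
            .collect(Collectors.joining("&"));
    }

    private static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }

    // username must be taken from the caller's validated JWT (e.g. preferred_username),
    // not from the request body, so the check cannot be aimed at someone else's account.
    public boolean isCurrentPassword(String username, String password)
            throws IOException, InterruptedException {
        HttpRequest req = HttpRequest.newBuilder(URI.create(TOKEN_URL))
            .timeout(Duration.ofSeconds(10))
            .header("Content-Type", "application/x-www-form-urlencoded")
            .POST(HttpRequest.BodyPublishers.ofString(formBody(username, password)))
            .build();
        HttpResponse<String> res = http.send(req, HttpResponse.BodyHandlers.ofString());
        int status = res.statusCode();
        if (status == 200) return true; // body holds fresh tokens: never log it
        if ((status == 400 || status == 401) && res.body().contains("invalid_grant")) return false;
        // Client misconfiguration or a server error is not the same as "wrong password".
        throw new IOException("Unexpected token endpoint status " + status);
    }
}
```

A successful check opens an additional Keycloak session for the user, which step 6 (logging out all sessions after the change) cleans up. Rate-limit the calling endpoint and keep Keycloak's brute force detection enabled on the realm so the check does not become a password-guessing oracle.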

Thanks, I will use your way. 😃

1 Like