So I’ve noticed there’s 2 ways of verifying an email via API in Keycloak.
If you have enabled User Registration in the keycloak instance, this allows the user to sign up directly, a ‘Verify Email’ (out of the box title) with a magic link is automatically triggered that both verifies their email and automatically logs them. This is a great flow for a newly registered user.
However, I would prefer to disable the User Registration on the keycloak instance and use the admin API to manually create the user. This is all fine, however, I can’t replicate the initial ‘Verify Email’ action exactly. One option I can use is the /{realm}/users/{id}/execute-actions-email endpoint where I can invoke the “VERIFY_EMAIL” action. This triggers an “Update Your Account” (out of the box title again) where the user is taken to the keycloak instance, is required to click a link and is not automatically logged in. There’s an additional verify email endpoint /{realm}/users/{id}/send-verify-email which I was hoping would mimic the previous flow but it has the same bahavior as /execute-actions-email.
Is it possible to replicate former way of verifying the email via the Admin API? Both of these approaches do indeed verify the email but the first way is a much better experience for new users.