Change password issue with SAML

nahimov · October 13, 2020, 9:21am

I set up Keycloak + Discourse to work together, everything works correctly…

But there is one case that I do not understand. Let’s say there is a user on Keycloak, he logs in through SAML on Discourse and successfully login to the forum.
Next, he goes to his profile, chooses to send a link to change the password. Discourse sends him a link by email, he changes the password…

The problem is that the password changes INSIDE DISCOURSE, NOT IN KEYCLOAK. When a user tries again to log in through SAML with a new password, he naturally fails. Because in Keycloak the password has not changed…

Is there any way to prevent password changes inside Discourse? Ideally, it would be sent to Keycloak at all…

david · October 13, 2020, 9:33am

If you disable “local logins” in your site settings, the password change UI should disappear.

nahimov · October 13, 2020, 10:01am

Great! Thanks! It’s works

system · November 12, 2020, 10:07am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Help with SAML integration - New Users are not created support	1	466	January 15, 2021
Is there any way to bypass the login prompt entirely when using SAML? sso	0	561	August 2, 2021
Discourse-saml, choosing solution support	14	1701	January 17, 2020
Keycloak SSO and logout support	0	570	January 28, 2021
Discourse, Keycloak, SAML vs OAuth support	3	1640	September 24, 2020

Change password issue with SAML

Related Topics