Change password issue with SAML

I set up Keycloak + Discourse to work together, everything works correctly…

But there is one case that I do not understand. Let’s say there is a user on Keycloak, he logs in through SAML on Discourse and successfully login to the forum.
Next, he goes to his profile, chooses to send a link to change the password. Discourse sends him a link by email, he changes the password…

The problem is that the password changes INSIDE DISCOURSE, NOT IN KEYCLOAK. When a user tries again to log in through SAML with a new password, he naturally fails. Because in Keycloak the password has not changed…

Is there any way to prevent password changes inside Discourse? Ideally, it would be sent to Keycloak at all…

If you disable “local logins” in your site settings, the password change UI should disappear.

2 Likes

Great! Thanks! It’s works

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.