8000 Introduce event types to update/remove credentials by resah · Pull Request #29028 · keycloak/keycloak · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Introduce event types to update/remove credentials #29028

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 3, 2024
Merged

Introduce event types to update/remove credentials #29028

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions docs/documentation/release_notes/topics/26_0_0.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,3 +162,9 @@ In {project_name} 26, this feature is enabled by default. This means that all us
It is possible to revert this behavior to the previous state by disabling the feature. Follow the `Volatile user sessions` section in https://www.keycloak.org/server/caching[Configuring distributed caches] guide for more details.

For information on how to upgrade, see the link:{upgradingguide_link}[{upgradingguide_name}].

= New generalized event types for credentials

There are now generalized events for updating (`UPDATE_CREDENTIAL`) and removing (`REMOVE_CREDENTIAL`) a credential. The credential type is described in the `credential_type` attribute of the events. The new event types are supported by the Email Event Listener.

The following event types are now deprecated and will be removed in a future version: `UPDATE_PASSWORD`, `UPDATE_PASSWORD_ERROR`, `UPDATE_TOTP`, `UPDATE_TOTP_ERROR`, `REMOVE_TOTP`, `REMOVE_TOTP_ERROR`
22 changes: 11 additions & 11 deletions docs/documentation/server_admin/topics/admin-cli.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ When you log in with the Admin CLI, you specify:
* A realm
* A user name

Another option is to specify a clientId only, which creates a unique service account for you to use.
Another option is to specify a clientId only, which creates a unique service account for you to use.

When you log in using a user name, use a password for the specified user. When you log in using a clientId, you need the client secret only, not the user password. You can also use the `Signed JWT` rather than the client secret.

Expand All @@ -119,7 +119,7 @@ The second mechanism authenticates each command invocation for the duration of t
For example, when performing an operation, specify all the information required for authentication.
[options="nowrap",subs="attributes+"]
----
$ kcadm.sh get realms --no-config --server http://localhost:8080{kc_base_path} --realm master --user admin
$ kcadm.sh get realms --no-config --server http://localhost:8080{kc_base_path} --realm master --user admin
----

Run the `kcadm.sh help` command for more information on using the Admin CLI.
Expand All @@ -131,9 +131,9 @@ If you do not specify the --password option (it is generally recommended to not
[[_working_with_alternative_configurations]]
=== Working with alternative configurations

By default, the Admin CLI maintains a configuration file named `kcadm.config`. {project_name} places this file in the user's home directory.
In Linux-based systems, the full pathname is `$HOME/.keycloak/kcadm.config`.
In Windows, the full pathname is `%HOMEPATH%\.keycloak\kcadm.config`.
By default, the Admin CLI maintains a configuration file named `kcadm.config`. {project_name} places this file in the user's home directory.
In Linux-based systems, the full pathname is `$HOME/.keycloak/kcadm.config`.
In Windows, the full pathname is `%HOMEPATH%\.keycloak\kcadm.config`.

You can use the `--config` option to point to a different file or location so you can maintain multiple authenticated sessions in parallel.

Expand Down Expand Up @@ -199,7 +199,7 @@ The `create` and `update` commands send a JSON body to the server. You can use `

[NOTE]
====
The value in name=value pairs used in --set, -s options, are assumed to be JSON. If it cannot be parsed as valid JSON, then it will be sent to the server as a text value.
The value in name=value pairs used in --set, -s options, are assumed to be JSON. If it cannot be parsed as valid JSON, then it will be sent to the server as a text value.

If the value is enclosed in quotes after shell processing, but is not valid JSON, the quotes will be stripped and the rest of the value will be sent as text. This behavior is deprecated, please consider specifying your value without quotes or a valid JSON string literal with double quotes.
====
Expand Down Expand Up @@ -492,13 +492,13 @@ You can turn on storage for all available ERROR events, not including auditing e
+
[options="nowrap"]
----
$ kcadm.sh update events/config -r demorealm -s eventsEnabled=true -s 'enabledEventTypes=["LOGIN_ERROR","REGISTER_ERROR","LOGOUT_ERROR","CODE_TO_TOKEN_ERROR","CLIENT_LOGIN_ERROR","FEDERATED_IDENTITY_LINK_ERROR","REMOVE_FEDERATED_IDENTITY_ERROR","UPDATE_EMAIL_ERROR","UPDATE_PROFILE_ERROR","UPDATE_PASSWORD_ERROR","UPDATE_TOTP_ERROR","VERIFY_EMAIL_ERROR","REMOVE_TOTP_ERROR","SEND_VERIFY_EMAIL_ERROR","SEND_RESET_PASSWORD_ERROR","SEND_IDENTITY_PROVIDER_LINK_ERROR","RESET_PASSWORD_ERROR","IDENTITY_PROVIDER_FIRST_LOGIN_ERROR","IDENTITY_PROVIDER_POST_LOGIN_ERROR","CUSTOM_REQUIRED_ACTION_ERROR","EXECUTE_ACTIONS_ERROR","CLIENT_REGISTER_ERROR","CLIENT_UPDATE_ERROR","CLIENT_DELETE_ERROR"]' -s eventsExpiration=172800
$ kcadm.sh update events/config -r demorealm -s eventsEnabled=true -s 'enabledEventTypes=["LOGIN_ERROR","REGISTER_ERROR","LOGOUT_ERROR","CODE_TO_TOKEN_ERROR","CLIENT_LOGIN_ERROR","FEDERATED_IDENTITY_LINK_ERROR","REMOVE_FEDERATED_IDENTITY_ERROR","UPDATE_EMAIL_ERROR","UPDATE_PROFILE_ERROR","UPDATE_PASSWORD_ERROR","UPDATE_TOTP_ERROR","UPDATE_CREDENTIAL_ERROR","VERIFY_EMAIL_ERROR","REMOVE_TOTP_ERROR","REMOVE_CREDENTIAL_ERROR","SEND_VERIFY_EMAIL_ERROR","SEND_RESET_PASSWORD_ERROR","SEND_IDENTITY_PROVIDER_LINK_ERROR","RESET_PASSWORD_ERROR","IDENTITY_PROVIDER_FIRST_LOGIN_ERROR","IDENTITY_PROVIDER_POST_LOGIN_ERROR","CUSTOM_REQUIRED_ACTION_ERROR","EXECUTE_ACTIONS_ERROR","CLIENT_REGISTER_ERROR","CLIENT_UPDATE_ERROR","CLIENT_DELETE_ERROR"]' -s eventsExpiration=172800
----
* Windows:
+
[options="nowrap"]
----
c:\> kcadm update events/config -r demorealm -s eventsEnabled=true -s "enabledEventTypes=[\"LOGIN_ERROR\",\"REGISTER_ERROR\",\"LOGOUT_ERROR\",\"CODE_TO_TOKEN_ERROR\",\"CLIENT_LOGIN_ERROR\",\"FEDERATED_IDENTITY_LINK_ERROR\",\"REMOVE_FEDERATED_IDENTITY_ERROR\",\"UPDATE_EMAIL_ERROR\",\"UPDATE_PROFILE_ERROR\",\"UPDATE_PASSWORD_ERROR\",\"UPDATE_TOTP_ERROR\",\"VERIFY_EMAIL_ERROR\",\"REMOVE_TOTP_ERROR\",\"SEND_VERIFY_EMAIL_ERROR\",\"SEND_RESET_PASSWORD_ERROR\",\"SEND_IDENTITY_PROVIDER_LINK_ERROR\",\"RESET_PASSWORD_ERROR\",\"IDENTITY_PROVIDER_FIRST_LOGIN_ERROR\",\"IDENTITY_PROVIDER_POST_LOGIN_ERROR\",\"CUSTOM_REQUIRED_ACTION_ERROR\",\"EXECUTE_ACTIONS_ERROR\",\"CLIENT_REGISTER_ERROR\",\"CLIENT_UPDATE_ERROR\",\"CLIENT_DELETE_ERROR\"]" -s eventsExpiration=172800
c:\> kcadm update events/config -r demorealm -s eventsEnabled=true -s "enabledEventTypes=[\"LOGIN_ERROR\",\"REGISTER_ERROR\",\"LOGOUT_ERROR\",\"CODE_TO_TOKEN_ERROR\",\"CLIENT_LOGIN_ERROR\",\"FEDERATED_IDENTITY_LINK_ERROR\",\"REMOVE_FEDERATED_IDENTITY_ERROR\",\"UPDATE_EMAIL_ERROR\",\"UPDATE_PROFILE_ERROR\",\"UPDATE_PASSWORD_ERROR\",\"UPDATE_TOTP_ERROR\",\"UPDATE_CREDENTIAL_ERROR\",\"VERIFY_EMAIL_ERROR\",\"REMOVE_TOTP_ERROR\",\"REMOVE_CREDENTIAL_ERROR\",\"SEND_VERIFY_EMAIL_ERROR\",\"SEND_RESET_PASSWORD_ERROR\",\"SEND_IDENTITY_PROVIDER_LINK_ERROR\",\"RESET_PASSWORD_ERROR\",\"IDENTITY_PROVIDER_FIRST_LOGIN_ERROR\",\"IDENTITY_PROVIDER_POST_LOGIN_ERROR\",\"CUSTOM_REQUIRED_ACTION_ERROR\",\"EXECUTE_ACTIONS_ERROR\",\"CLIENT_REGISTER_ERROR\",\"CLIENT_UPDATE_ERROR\",\"CLIENT_DELETE_ERROR\"]" -s eventsExpiration=172800
----

You can reset stored event types to *all available event types*. Setting the value to an empty list is the same as enumerating all.
Expand Down Expand Up @@ -1218,7 +1218,7 @@ $ kcadm.sh remove-roles -r demorealm --uusername testuser --cclientid realm-mana
[discrete]
==== Listing a user's sessions

. Identify the user's ID,
. Identify the user's ID,
. Use the ID to compose an endpoint URI, such as `users/ID/sessions`.
. Use the `get` command to retrieve a list of the user's sessions.
+
Expand Down Expand Up @@ -1406,7 +1406,7 @@ $ kcadm.sh get-roles -r demorealm --gname Group --available

Use the `get-roles` command to list assigned, available, and effective client roles for a group.

. Specify the target group by name (`--gname` option) or ID (`--gid` option),
. Specify the target group by name (`--gname` option) or ID (`--gid` option),
. Specify the client by the clientId attribute (`--cclientid` option) or ID (`--id` option) to list *assigned* client roles for the user.
+
For example:
Expand Down Expand Up @@ -1895,7 +1895,7 @@ $ kcadm get "authentication/config/dd91611a-d25c-421a-87e2-227c18421833" -r demo
==== Updating configuration for an execution

. Get the execution for the flow.
. Get the flow's `authenticationConfig` attribute.
. Get the flow's `authenticationConfig` attribute.
. Note the config ID from the attribute.
. Run the `update` command on the `authentication/config/ID` endpoint.

Expand Down
16 changes: 12 additions & 4 deletions docs/documentation/server_admin/topics/events/login.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,15 +123,21 @@ image:images/search-user-event.png[Search user event]
|Send Password Reset
|{project_name} sends a password reset email.

|Update Password
|Update Password (deprecated)
|The password for an account changes.

|Update TOTP
|Update Credential
|The password or (time-based) one-time Password (OTP/TOTP) settings for an account changes.

|Update TOTP (deprecated)
|The Time-based One-time Password (TOTP) settings for an account changes.

|Remove TOTP
|Remove TOTP (deprecated)
|{project_name} removes TOTP from an account.

|Remove Credential
|{project_name} removes a credential from an account.

|Send Verify Email
|{project_name} sends an email verification email.

Expand Down Expand Up @@ -191,6 +197,8 @@ The Email Event Listener sends a message to the user's email address when an eve
* Update Password.
* Update Time-based One-time Password (TOTP).
* Remove One-time Password (OTP).
* Update Credential.
* Remove Credential.

The following conditions need to be met for an email to be sent:

Expand All @@ -217,6 +225,6 @@ You can exclude events by using the `--spi-events-listener-email-exclude-events`

[source,bash]
----
kc.[sh|bat] --spi-events-listener-email-exclude-events=UPDATE_TOTP,REMOVE_TOTP
kc.[sh|bat] --spi-events-listener-email-exclude-events=UPDATE_CREDENTIAL,REMOVE_CREDENTIAL
----

7 changes: 7 additions & 0 deletions docs/documentation/upgrading/topics/changes/changes-26_0_0.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -235,3 +235,10 @@ As part of this change the following related configuration options for the SPI h
- `--spi-login-protocol-openid-connect-suppress-logout-confirmation-screen`

If you were still making use these options or the `redirect_uri` parameter for logout you should implement the link:https://openid.net/specs/openid-connect-rpinitiated-1_0.html[OpenID Connect RP-Initiated Logout specification] instead.

= New generalized event types for credentials

There are now generalized events for updating (`UPDATE_CREDENTIAL`) and removing (`REMOVE_CREDENTIAL`) a credential. The credential type is described in the `credential_type` attribute of the events.
The new event types are supported by the Email Event Listener.

The following event types are now deprecated and will be removed in a future version: `UPDATE_PASSWORD`, `UPDATE_PASSWORD_ERROR`, `UPDATE_TOTP`, `UPDATE_TOTP_ERROR`, `REMOVE_TOTP`, `REMOVE_TOTP_ERROR`
4 changes: 2 additions & 2 deletions js/apps/admin-ui/cypress/fixtures/partial-import-test-data/kcexport.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2134,7 +2134,7 @@
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ "jboss-logging" ],
"enabledEventTypes" : [ "SEND_RESET_PASSWORD", "SEND_VERIFY_EMAIL", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "UPDATE_TOTP", "REMOVE_TOTP", "REVOKE_GRANT", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "UPDATE_EMAIL", "REGISTER_ERROR", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "UPDATE_PROFILE_ERROR", "IMPERSONATE", "LOGIN", "UPDATE_PASSWORD_ERROR", "CLIENT_UPDATE_ERROR", "UPDATE_PROFILE", "REGISTER", "LOGOUT", "FEDERATED_IDENTITY_LINK", "CLIENT_REGISTER_ERROR", "CLIENT_REGISTER", "SEND_VERIFY_EMAIL_ERROR", "UPDATE_PASSWORD", "RESET_PASSWORD", "FEDERATED_IDENTITY_LINK_ERROR", "CLIENT_DELETE", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "VERIFY_EMAIL", "SEND_RESET_PASSWORD_ERROR", "CLIENT_DELETE_ERROR", "CLIENT_LOGIN_ERROR", "CLIENT_UPDATE", "REMOVE_FEDERATED_IDENTITY_ERROR", "EXECUTE_ACTIONS", "CUSTOM_REQUIRED_ACTION_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN" ],
"enabledEventTypes" : [ "SEND_RESET_PASSWORD", "SEND_VERIFY_EMAIL", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "REMOVE_CREDENTIAL", "UPDATE_TOTP", "REMOVE_TOTP", "REVOKE_GRANT", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "UPDATE_EMAIL", "REGISTER_ERROR", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "UPDATE_PROFILE_ERROR", "IMPERSONATE", "LOGIN", "UPDATE_PASSWORD_ERROR", "UPDATE_CREDENTIAL_ERROR", "CLIENT_UPDATE_ERROR", "UPDATE_PROFILE", "REGISTER", "LOGOUT", "FEDERATED_IDENTITY_LINK", "CLIENT_REGISTER_ERROR", "CLIENT_REGISTER", "SEND_VERIFY_EMAIL_ERROR", "UPDATE_CREDENTIAL", "UPDATE_PASSWORD" ,"RESET_PASSWORD", "FEDERATED_IDENTITY_LINK_ERROR", "CLIENT_DELETE", "REMOVE_CREDENTIAL_ERROR", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "VERIFY_EMAIL", "SEND_RESET_PASSWORD_ERROR", "CLIENT_DELETE_ERROR", "CLIENT_LOGIN_ERROR", "CLIENT_UPDATE", "REMOVE_FEDERATED_IDENTITY_ERROR", "EXECUTE_ACTIONS", "CUSTOM_REQUIRED_ACTION_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN" ],
"adminEventsEnabled" : true,
"adminEventsDetailsEnabled" : true,
"identityProviders" : [ {
Expand Down Expand Up @@ -4210,7 +4210,7 @@
"smtpServer" : { },
"eventsEnabled" : false,
"eventsListeners" : [ "jboss-logging" ],
"enabledEventTypes" : [ "SEND_RESET_PASSWORD", "SEND_VERIFY_EMAIL", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "UPDATE_TOTP", "REMOVE_TOTP", "REVOKE_GRANT", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "UPDATE_EMAIL", "REGISTER_ERROR", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "UPDATE_PROFILE_ERROR", "IMPERSONATE", "LOGIN", "UPDATE_PASSWORD_ERROR", "CLIENT_UPDATE_ERROR", "UPDATE_PROFILE", "REGISTER", "LOGOUT", "FEDERATED_IDENTITY_LINK", "CLIENT_REGISTER_ERROR", "CLIENT_REGISTER", "SEND_VERIFY_EMAIL_ERROR", "UPDATE_PASSWORD", "RESET_PASSWORD", "FEDERATED_IDENTITY_LINK_ERROR", "CLIENT_DELETE", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "VERIFY_EMAIL", "SEND_RESET_PASSWORD_ERROR", "CLIENT_DELETE_ERROR", "CLIENT_LOGIN_ERROR", "CLIENT_UPDATE", "REMOVE_FEDERATED_IDENTITY_ERROR", "EXECUTE_ACTIONS", "CUSTOM_REQUIRED_ACTION_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN" ],
"enabledEventTypes" : [ "SEND_RESET_PASSWORD", "SEND_VERIFY_EMAIL", "EXECUTE_ACTIONS_ERROR", "REMOVE_FEDERATED_IDENTITY", "REMOVE_CREDENTIAL", "UPDATE_TOTP", "REMOVE_TOTP", "REVOKE_GRANT", "LOGIN_ERROR", "CLIENT_LOGIN", "RESET_PASSWORD_ERROR", "CODE_TO_TOKEN_ERROR", "CUSTOM_REQUIRED_ACTION", "UPDATE_EMAIL", "REGISTER_ERROR", "LOGOUT_ERROR", "UPDATE_EMAIL_ERROR", "UPDATE_PROFILE_ERROR", "IMPERSONATE", "LOGIN", "UPDATE_PASSWORD_ERROR", "UPDATE_CREDENTIAL_ERROR", "CLIENT_UPDATE_ERROR", "UPDATE_PROFILE", "REGISTER", "LOGOUT", "FEDERATED_IDENTITY_LINK", "CLIENT_REGISTER_ERROR", "CLIENT_REGISTER", "SEND_VERIFY_EMAIL_ERROR", "UPDATE_CREDENTIAL", "UPDATE_PASSWORD", "RESET_PASSWORD", "FEDERATED_IDENTITY_LINK_ERROR", "CLIENT_DELETE", "REMOVE_CREDENTIAL_ERROR", "REMOVE_TOTP_ERROR", "VERIFY_EMAIL_ERROR", "VERIFY_EMAIL", "SEND_RESET_PASSWORD_ERROR", "CLIENT_DELETE_ERROR", "CLIENT_LOGIN_ERROR", "CLIENT_UPDATE", "REMOVE_FEDERATED_IDENTITY_ERROR", "EXECUTE_ACTIONS", "CUSTOM_REQUIRED_ACTION_ERROR", "UPDATE_TOTP_ERROR", "CODE_TO_TOKEN" ],
"adminEventsEnabled" : true,
"adminEventsDetailsEnabled" : true,
"identityProviders" : [ {
Expand Down
10 changes: 9 additions & 1 deletion js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3241,4 +3241,12 @@ temporaryService=Temporary admin service account. Ensure it is replaced with a p
addOrganizationAttributes.label=Add organization attributes
addOrganizationAttributes.help=If enabled, the organization attributes will be available for each organization mapped to the token.
disableConfirmUserTitle=Disable user?
disableConfirmUser=Are you sure you want to disable this user?
disableConfirmUser=Are you sure you want to disable this user?
eventTypes.UPDATE_CREDENTIAL.name=Update credential
eventTypes.UPDATE_CREDENTIAL.description=Update credential
eventTypes.UPDATE_CREDENTIAL_ERROR.name=Update credential error
eventTypes.UPDATE_CREDENTIAL_ERROR.description=Update credential error
eventTypes.REMOVE_CREDENTIAL.name=Remove credential
eventTypes.REMOVE_CREDENTIAL.description=Remove credential
eventTypes.REMOVE_CREDENTIAL_ERROR.name=Remove credential error
eventTypes.REMOVE_CREDENTIAL_ERROR.description=Remove credential error
4 changes: 4 additions & 0 deletions js/apps/admin-ui/src/clients/add/__tests__/mock-serverinfo.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7212,6 +7212,8 @@
"REMOVE_FEDERATED_IDENTITY_ERROR",
"REMOVE_TOTP",
"REMOVE_TOTP_ERROR",
"REMOVE_CREDENTIAL",
"REMOVE_CREDENTIAL_ERROR",
"RESET_PASSWORD",
"RESET_PASSWORD_ERROR",
"RESTART_AUTHENTICATION",
Expand All @@ -7234,6 +7236,8 @@
"UPDATE_EMAIL_ERROR",
"UPDATE_PASSWORD",
"UPDATE_PASSWORD_ERROR",
"UPDATE_CREDENTIAL",
"UPDATE_CREDENTIAL_ERROR",
"UPDATE_PROFILE",
"UPDATE_PROFILE_ERROR",
"UPDATE_TOTP",
Expand Down
4 changes: 4 additions & 0 deletions js/apps/admin-ui/src/context/server-info/__tests__/mock.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7074,6 +7074,8 @@
"REMOVE_FEDERATED_IDENTITY_ERROR",
"REMOVE_TOTP",
"REMOVE_TOTP_ERROR",
"REMOVE_CREDENTIAL",
"REMOVE_CREDENTIAL_ERROR",
"RESET_PASSWORD",
"RESET_PASSWORD_ERROR",
"RESTART_AUTHENTICATION",
Expand All @@ -7096,6 +7098,8 @@
"UPDATE_EMAIL_ERROR",
"UPDATE_PASSWORD",
"UPDATE_PASSWORD_ERROR",
"UPDATE_CREDENTIAL",
"UPDATE_CREDENTIAL_ERROR",
"UPDATE_PROFILE",
"UPDATE_PROFILE_ERROR",
"UPDATE_TOTP",
Expand Down
6 changes: 5 additions & 1 deletion js/libs/keycloak-admin-client/src/defs/eventTypes.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,10 @@ type EventType =
| "TOKEN_EXCHANGE"
| "TOKEN_EXCHANGE_ERROR"
| "PERMISSION_TOKEN"
| "PERMISSION_TOKEN_ERROR";
| "PERMISSION_TOKEN_ERROR"
| "UPDATE_CREDENTIAL"
| "UPDATE_CREDENTIAL_ERROR"
| "REMOVE_CREDENTIAL"
| "REMOVE_CREDENTIAL_ERROR";

export default EventType;
15 changes: 15 additions & 0 deletions server-spi-private/src/main/java/org/keycloak/events/EventType.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,16 +62,24 @@ public enum EventType implements EnumWithStableIndex {
UPDATE_EMAIL_ERROR(0x10000 + UPDATE_EMAIL.getStableIndex(), true),
UPDATE_PROFILE(11, true),
UPDATE_PROFILE_ERROR(0x10000 + UPDATE_PROFILE.getStableIndex(), true),

@Deprecated
UPDATE_PASSWORD(12, true),
@Deprecated
UPDATE_PASSWORD_ERROR(0x10000 + UPDATE_PASSWORD.getStableIndex(), true),

@Deprecated
UPDATE_TOTP(13, true),
@Deprecated
UPDATE_TOTP_ERROR(0x10000 + UPDATE_TOTP.getStableIndex(), true),
VERIFY_EMAIL(14, true),
VERIFY_EMAIL_ERROR(0x10000 + VERIFY_EMAIL.getStableIndex(), true),
VERIFY_PROFILE(15, true),
VERIFY_PROFILE_ERROR(0x10000 + VERIFY_PROFILE.getStableIndex(), true),

@Deprecated
REMOVE_TOTP(16, true),
@Deprecated
REMOVE_TOTP_ERROR(0x10000 + REMOVE_TOTP.getStableIndex(), true),

GRANT_CONSENT(17, true),
Expand Down Expand Up @@ -169,6 +177,13 @@ public enum EventType implements EnumWithStableIndex {

FEDERATED_IDENTITY_OVERRIDE_LINK(55, true),
FEDERATED_IDENTITY_OVERRIDE_LINK_ERROR(0x10000 + FEDERATED_IDENTITY_OVERRIDE_LINK.getStableIndex(), true),

UPDATE_CREDENTIAL(56, true),
UPDATE_CREDENTIAL_ERROR(0x10000 + UPDATE_CREDENTIAL.getStableIndex(), true),

REMOVE_CREDENTIAL(57, true),
REMOVE_CREDENTIAL_ERROR(0x10000 + REMOVE_CREDENTIAL.getStableIndex(), true),

INVITE_ORG(60, true),
INVITE_ORG_ERROR(0x10000 + INVITE_ORG.getStableIndex(), true);

Expand Down
Loading
Loading
0