I´m currently migrating a custom Keycloak theme for a Angular application from KC 21 to KC 24.
My custom theme modifies the login and account sections.
My application has a update password link to /auth/realms/[realm name]/account/password. If a user followes that link, a new small window opens, where the user can enter their new password:
This is how it works with Keycloak 21.
In Keycloak 24 when clicking on this link the user sees my whole login page with the login dialog only showing “page not found”.
I´m not sure where to look for the cause for this behavior - in my theme or in the keycloak configuration?
This works, but this also shows me the complete login page with the update password dialogue in the center instead of only the update password dialogue.
What you are currently using in 21 is still the “old” account console, which was deprecated for a long time and is no more available in recent versions.
The legit way of letting users updating their password is through the required action, like you already mentioned (the link with kc_action=UPDATE_PASSWORD).
the page opening uses the login-section of my theme. I would expect the account-section instead.
Is this also something, that has changed with the new account console? Or can I somehow control, which part oh my theme is used when following the link above?
Actually you are calling the auth endpoint and initiate an authentication. You can even call this url if the user is not logged in, he/she then hast to authenticate and can then update the password.
Required actions are part of the authentication in Keycloak.
You can’t use the account theme in login processes.
