Authentication on verifying email with keycloak - oauth-2.0

I'm working on email verification in Keycloak.
When a user creates an account on registration, an email is sent to verify his email address. But when he clicks on the link, it directly redirects him to "my account page".
This is pretty strange to me.
I saw that Keycloak recognizes the client by the cookie AUTH_SESSION_ID, because if the client clicks on the link from another browser he has to click on "click here" before getting access to his "my account page".
Is it possible to break the first behavior?
Thanks

Related

Email Verification link not working when clicked, but works when pasting the link url itself

I have a verification email that is sent out to users who sign up for a website I have developed. When the user signs up I send them an HTML email that has an anchor tag (hyperlink) <a href="https://app.example.com/verify-email/akdios-aksdjofs-aisodfjsa" >Activate Account</a>. I believe this is a URL/href problem because if you click on the link it only takes you to the site https://app.example.com. Whereas if you paste the link in the browser then the proper verification page is loaded and the account is verified.
Email clients tested: Outlook (and various work email domains). What would be causing my link to not work when clicked, but work when I copy the link from the email and paste it into the browser URL bar? Is there a way to ensure that clicking the link will work no matter what the email client (specifically Outlook has been giving trouble)?

Sign in with Apple missing email claim in the (JWT) identityToken

We have implemented Sign in with Apple (SiwA) for our iOS app. For the signup we require the user's Apple ID and email address. We are getting the user name and email details on the first login attempt, but after that, to get the email, we decode the identity token and take the email address from it.
We observed that the identity token does not always contain the email address.
Please follow the steps below to reproduce the issue.
Step 1: The user clicks on the Sign in with Apple button and it displays the Apple authorization popup with details like name, share-email, and hide-email options; then in the success response we get an email in the received Apple identity token.
Step 2: Now the user revokes sign-in access from the Apple account by following these steps (Settings -> Apple account -> Password & Security -> Apple ID logins -> remove the app from the options).
Step 3: After step 2, the user clicks the Sign in with Apple button again and usually it shows the authorization popup with the details from step 1, and we get an email from the identity token in this case, so we don't have any issue.
Step 4: After step 2, the user clicks on the Sign in with Apple button and the authorization popup contains only the email address instead of the name, share-email, or hide-email options. In this case, we didn't get an email from the identity token.
The main problem is that the authorization popup is not resetting after revoking access; it shows as in the previously logged-in state, and in this case we don't get an email, whereas otherwise we always get an email address from the identity token.
Can we debug/identify why the authorization popup is not resetting after access is revoked?
Any help would be appreciated.

Docusign Envelopes: create ERROR 401 Unauthorized

I have created a sandbox account for using DocuSign APIs. As a first step of it... see the link of the tutorial. I am trying to send an electronic signature request via email (topic no. 4 in the link).
My request URL and parameters are as specified. But it is giving ERROR 401 Unauthorized.
I am seeing in the Request screenshot that you are, I think, passing the IntegratorKey (16a82645-5c5a-****-****-***********) in the Authorization header, which is wrong. In the Authorization header you need to pass an OAuth token. You can generate an OAuth token with the steps below:
There will be an Unauthenticate link at the top of the page with a green background; the text will look like this:
You are authenticated against the Demo environment. Unauthenticate,
So, can you please click "Unauthenticate"; then it will show a button "AUTHENTICATE USING SANDBOX ACCOUNT". Once you click this button a popup will come up with a blue button "GET OAUTH2 TOKEN". Click this button, which will open a popup and ask you to enter your Demo/Sandbox credentials. Enter your credentials and then try the above API call; it should work. If it does not, maybe some stale cookies/session will still send old credentials to DocuSign, so then try it in Incognito or InPrivate browsing.

JIRA reports SMTPSenderFailedException: 501 mail from address must be same as authorization user

I'm using JIRA version 7.2.7, configured with PostgreSQL.
Everything went well until I invited other users.
The admin user is A#mycompany.com; the outgoing email is jira#mycompany.com, which is not a user of our JIRA system.
I logged in with A#mycompany.com, then went to the outgoing mail settings page and used "Send a Test Email" to myself; it succeeded, and I received that email.
But when I went to "User management", clicked "Invite users", filled in another email address and clicked "Invite users", the mail was never sent successfully.
And the log said:
```
Caused by: com.sun.mail.smtp.SMTPSendFailedException: 501 mail from address must be same as authorization user
;
nested exception is:
com.sun.mail.smtp.SMTPSenderFailedException: 501 mail from address must be same as authorization user
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:2267)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:1257)
at com.atlassian.mail.server.impl.SMTPMailServerImpl.sendMimeMessage(SMTPMailServerImpl.java:245)
at com.atlassian.mail.server.managers.EventAwareSMTPMailServer.sendMimeMessage(EventAwareSMTPMailServer.java:25)
at com.atlassian.mail.server.impl.SMTPMailServerImpl.sendWithMessageId(SMTPMailServerImpl.java:187)
... 26 more
```
Then I created another user, "jira#mycompany.com" (the same as the outgoing email), logged in with it, and invited a user again; the email got sent.
Also: we have an old version of JIRA, 6.3.x, which has the same configuration, but inviting users works well there.
Is there any way to fix the problem? Why can't we invite users when logged in as a user other than "jira#mycompany.com"?
Thanks very much
I think this error is thrown by your SMTP server. It seems to be configured so that the "From" mail address needs to be the same as the user who authenticates to the SMTP server.
You authenticated with "jira#..." on your SMTP server, but you are trying to use "A#..." as the "From" address.
You should configure your SMTP server to allow the "From" address to differ from the authenticated user.

Authorizing with hd (hosted domain) param (G+ API): Google doesn't show any tip for client, who is trying to use his personal google-account

After the user clicks the "Sign in with your corporate account" button on our corporate site, the "Google Plus API" redirects the user to the "Choose an account" page.
When the client tries to sign in with his personal (not domain-hosted, "corporate") Google account, he is redirected to the "Choose an account" page again, without any tip or suggestion about why he cannot log in.
How can we make Google show information about the log-in process?