[BUG] restrict is by passed if user connects with token

### Is there an existing issue for this?

- [X] I have searched the existing issues

### Current Behavior

- A client is configured to use this flow : 

![image](https://user-images.githubusercontent.com/5184702/199974359-ab6fba01-faa7-4440-8b6f-6f4c26eb32d7.png)

- A user receives an email with a link including an action-token (for example : email validation, reset credentials ...).
- The user follows the link, he's identified, optionaly confirm his email/set password, and he's logged in.

In case user use the classic form, the restriction works and he get the normal message that he's not allowed to access it.

### Expected Behavior

He should not be allowed to logged in.

### Steps To Reproduce

_No response_

### Version

```markdown
- Keycloak: 16.0.0
- This extension: 16.0.0
```


### Anything else?

I'm not an expert on Keycloak so maybe I missed something ... My first idea is that using action token uses another flow but I can't identifie it (and "events" doesn't sho which flow has been used).

Regards

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[BUG] restrict is by passed if user connects with token #121

Is there an existing issue for this?

Current Behavior

Expected Behavior

Steps To Reproduce

Version

Anything else?

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[BUG] restrict is by passed if user connects with token #121

Description

Is there an existing issue for this?

Current Behavior

Expected Behavior

Steps To Reproduce

Version

Anything else?

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions