-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature]: support of OTP as failback authenticator #358
Comments
Hello @ArminRadmueller,
To make this work, I would need to set the user in the Keycloak context. But that would instantly lead to the security issue described in #251 again. So, I do not think I will be able to support this right now. If you need passwordless authentication, why not use the |
I will test it in the next few days, but it will be too big a step for our use case |
Is there an existing feature request for this?
Is your feature related to a problem? Please describe.
I would like to use the home-idp-discovery with our Keycloak and after watching the video I had set it up as described and encountered the same problem as described in #285. In the documentation it's described correctly with username/password form.
I wanted to set up the home-idp-discovery with an OTP failback instead of the password-form, in other words passwordless.
Describe the solution you'd like
Would it be possible to adapt the implementation in #251 so that password form or alternatively OTP form only works again?
I would like to describe my idea better:
User inserts his e-mail address and is redirected to a linked identity provider. If it is only a local or LDAP account, the alternative authenticator (failback) will be used, which would be the OTP in my scenario.
Describe alternatives you've considered
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: