Is your feature related to a problem? Please describe.
I would like to use the home-idp-discovery with our Keycloak and after watching the video I had set it up as described and encountered the same problem as described in #285. In the documentation it's described correctly with username/password form.
I wanted to set up the home-idp-discovery with an OTP failback instead of the password-form, in other words passwordless.
Describe the solution you'd like
Would it be possible to adapt the implementation in #251 so that password form or alternatively OTP form only works again?
I would like to describe my idea better:
User inserts his e-mail address and is redirected to a linked identity provider. If it is only a local or LDAP account, the alternative authenticator (failback) will be used, which would be the OTP in my scenario.
Describe alternatives you've considered
No response
Anything else?
No response
> Would it be possible to adapt the implementation in #251 so that password form or alternatively OTP form only works again?
To make this work, I would need to set the user in the Keycloak context. But that would instantly lead to the security issue described in #251 again. So, I do not think I will be able to support this right now.
If you need passwordless authentication, why not use the WebAuthnPasswordlessAuthenticator that should not need the user to be set in the context?