[keycloak-dev] User registration: OTP flow

Stian Thorgersen sthorger at redhat.com
Mon Nov 30 02:32:01 EST 2015 

My vote is to keep the issue open as it's clearly a usability issue.
Neither of us understood how to do it at first.

On 27 November 2015 at 16:45, Bruno Oliveira <bruno at abstractj.org> wrote:

> I think in this case, we can close the issue. OTP form will enable
> people to use authenticator, but not enforce it during the
> registration time.
>
> On Fri, Nov 27, 2015 at 5:40 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
> > It's certainly a usability issue then. I thought the opposite that "OTP
> > Form" was required, but not adding the default action to have it work
> with
> > registration as well.
> >
> > On 26 November 2015 at 21:24, Bruno Oliveira <bruno at abstractj.org>
> wrote:
> >>
> >> Ahoy, I was looking at this Jira
> >> https://issues.jboss.org/browse/KEYCLOAK-1998 and trying to reproduce
> >> the issue reported by Stian.
> >>
> >> What I did was:
> >>
> >> 1. Get the latest changes from master
> >> 2. Run mvn clean install -DskipTests=true && mvn -f
> >> testsuite/integration/pom.xml exec:java -Pkeycloak-server
> >> 3. Go to "Realm Settings" and enable "User Registration"
> >> 4. Go to "Authentication" > "Required Actions"
> >> 5. On Configure Totp mark the checkbox "Default Action"
> >> 6. Now logout and try to register
> >> 7. After the registration I get the TOTP screen
> >>
> >> Stian was following a different workflow
> >>
> >> 1. Get the latest changes from master
> >> 2. Run mvn clean install -DskipTests=true && mvn -f
> >> testsuite/integration/pom.xml exec:java -Pkeycloak-server
> >> 3. Go to "Realm Settings" and enable "User Registration"
> >> 4. Flows > Browser
> >> 5. OTP form marked as required
> >> 6. After the registration I won't get the TOTP screen
> >>
> >> After I managed to reproduce the real issue, I got confused about what
> >> would be the expected behavior in the situation where I have "OTP
> >> form" as required and "Required actions > Configure Totp > Default
> >> action" unchecked.
> >>
> >> To me it seems like OTP form is unnecessary, but I can be 110% wrong.
> >>
> >> Thoughts?
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20151130/9015c761/attachment.html

More information about the keycloak-dev mailing list