<div dir="ltr">It should be fairly easy to add support for OTP as well as the direct grant supports that. The user would have to specify to use OTP though.</div><div class="gmail_extra"><br><div class="gmail_quote">On 21 July 2016 at 19:15, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Nice work Marko! I had two (not big deal) questions. First, when you<br>
specify the --cache parameters as you did for SAML, could the cache file be omitted?<br>
<br>
For example: kcreg --cache -r saml-realm ...<br>
<br>
I was thinking that once you specified the realm name, the API will just<br>
look for ~/.keycloak/saml-realm.cache. It's just an idea.<br>
<br>
Second question, is more like something to think if worth to take<br>
into consideration. Most of the examples that I saw, make use of<br>
username/password. But if the admin enables two factor authentication,<br>
she might be unable to use our client-reg CLI, or enforce weaken security only<br>
to make use of the CLI.<br>
<br>
Is OTP support planned for further iterations?<br>
<div><div class="h5"><br>
<br>
On 2016-07-21, Marko Strukelj wrote:<br>
> And if anyone wants to get their feet wet already:<br>
><br>
> <a href="https://github.com/mstruk/keycloak/tree/cli-reg/integration/client-registration-cli-tool" rel="noreferrer" target="_blank">https://github.com/mstruk/keycloak/tree/cli-reg/integration/client-registration-cli-tool</a><br>
><br>
><br>
> On Thu, Jul 21, 2016 at 4:06 PM, Stian Thorgersen <<a href="mailto:sthorger@redhat.com">sthorger@redhat.com</a>><br>
> wrote:<br>
><br>
> > Great work Marko!<br>
> ><br>
> > As we didn't have time to go through feedback let's use this thread for<br>
> > it. Add your questions and comments here please.<br>
> ><br>
> > _______________________________________________<br>
> > keycloak-dev mailing list<br>
> > <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> > <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
> ><br>
<br>
> _______________________________________________<br>
> keycloak-dev mailing list<br>
> <a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
<br>
<br>
</div></div>--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote></div><br></div>