[keycloak-user] Forgot password flow + TOTP

Johan Heylen johan.heylen.public at gmail.com
Mon Nov 16 05:50:59 EST 2015


Hello,

We currently have a Keycloak server set up with both TOTP and the forget
password (reset-credential) flow active.

When we organize an update password action for a user through the admin
panel, he gets an email with a link, and after choosing a new password, the
user has to enter the TOTP in the login screens before actually being
logged in.

When the user himself organizes a forget password on the login screen, he
gets an email with a link, and after choosing a new password, the user DOES
NOT have to enter the TOTP in the login screens before actually being
logged in.

We want both actions to be the same, or at least always want the TOTP to be
entered when logging in.

Can this last part be changed, either through a configuration setting or
creating a whole new reset credential flow within the current Keycloak
version (1.6.0) or do I need a JIRA ticket for a feature request?

Tnx,

Johan Heylen