[keycloak-user] 2FA via REST API -> server-spi-private?

Stian Thorgersen sthorger at redhat.com
Mon Jan 9 06:47:44 EST 2017


Neither server-private-spi or authorization api hasn't anything to do with
what you are trying to achieve.

You need to use the direct grant api and include otp code has "totp" in the
form data.

On 9 January 2017 at 11:54, Stefan Schlesinger <sts at ono.at> wrote:

> A colleague of mine pointed me to the following commit, which looks like
> it moved some things to a "server-spi-private”.
>
> Could this be related?
>
> https://issues.jboss.org/browse/KEYCLOAK-3958
> https://github.com/keycloak/keycloak/commit/7e33f4a7d1cbf2b37aa2a6d5b87dfe
> 70d57d0252
>
> Best, Stefan.
>
> > On 08 Jan 2017, at 11:48, Stefan Schlesinger <sts at ono.at> wrote:
> >
> > Hi Thomas,
> >
> > I’m trying to use the examples provided in the thread you pointed me at,
> > but the last call to the validation endpoint gives me a 404.
> >
> > I also tried to find documentation, but apart from the admin REST API
> > and the Authorization API[1] (which covers basic usage) I couldn’t find
> > anything.
> >
> > My test script:
> >
> > https://gist.github.com/sts/4c6f8fa759cec88197ca6dfcf306c391
> >
> > Best,
> >
> > Stefan.
> >
> > [1] Authorization API - https://keycloak.gitbooks.io/
> authorization-services-guide/content/v/2.5/topics/service/
> authorization/authorization-api.html
> >
> >> On 07 Jan 2017, at 14:31, Thomas Darimont <thomas.darimont at googlemail.
> com> wrote:
> >>
> >> have a look at this example from the mailing list:
> >> http://lists.jboss.org/pipermail/keycloak-dev/2016-November/008419.html
> >>
> >> 2017-01-06 16:17 GMT+01:00 Stefan Schlesinger <sts at ono.at>:
> >>> Anyone knows how to verify an OTP (TOTP) token against the Keycloak
> Openid REST API for clients with direct access grants enabled?
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list