[keycloak-user] Is possible to have a "required action only on demand"?
Federico Navarro Polo - Info.nl
federico at info.nl
Mon Apr 23 04:45:28 EDT 2018
Hello,
I’m currently facing the following requirement, which I think is not standard in Keycloak.
The basic idea is to have 2-factor authentication, but I don’t need it on login time, only when the user attempts to execute some specific action. Therefore, setting the logic as an authenticator or as a required action does not satisfy my needs, since the user should be allowed to login in the base case.
The idea I was considering is to have an additional role on user level (eg: user_verified), so that in case of having that role, the user is good to go, but in case of not having the role, he will be required to go through the additional authentication process.
My question is, how can I trigger that process?
Met vriendelijke groet,
Federico Navarro
backend developer
federico at info.nl<mailto:federico at info.nl> | LinkedIn<https://www.linkedin.com/company/info-nl> | -<tel:+31205309161>
info.nl<http://www.info.nl/>
Sint Antoniesbreestraat 16 | 1011 HB Amsterdam | +31 (0)20 530 9100<tel:+31205309100>
More information about the keycloak-user
mailing list