On 11/27/2015 10:19 AM, Stian Thorgersen wrote:
I guess at least the re-auth part is logic that belongs in the client
that performs the login.
Question though for authentication levels as well as authentication
timeout (or whatever you call it) shouldn't a rest service be able to
say things like I require the user to have authenticated with password +
otp, and to have authenticated within N minutes?
I think SAML has extensions for that. OIDC doesn't.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com