Stian,
I updated my prototype to cover the topics listed in the document:
https://github.com/keycloak/keycloak/wiki/User-Account-Management.
Please check it out in
https://gatein.mybalsamiq.com/projects/keycloak/grid, screens from
Linda account to Linda Authorised Access 2.
Gabriel
On Aug 19, 2013, at 9:54 AM, Bill Burke wrote:
On 8/19/2013 8:52 AM, Gabriel Cardoso wrote:
> Very nice Stian!
>
>> * When a user first registers there will be a checkbox to enable TOTP if the
users wants to - if TOTP is required by the realm this checkbox will always be enabled
(and the user won't be able to change it)
>> * After clicking register the user is forwarded to the configure TOTP page (in
user account management)
>> * If a user doesn't complete the above form, or a user registered prior to
totp being set as required for the realm, when a user tries to login the user is forwarded
to the configure TOTP page
>> * The TOTP page should list out the available TOTP providers (ATM only Google
authenticator is supported) and show instructions for the user to configure it. A user
should be required to enter a valid authenticator code to enable TOTP
>>
>> Later a user can view the TOTP settings for his account through the user account
management. If totp is not required by the realm the user can also remove the totp. A user
can always change the totp, again this required providing a valid authenticator code.
>
> This flow sounds good to me.
Yes. +1 on the flow.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev