Re: [keycloak-dev] OAuth2 Incremental Authorization
On Wed, Apr 25, 2018 at 10:45 AM, Pedro Igor Silva <psilva(a)redhat.com> wrote:
Adaptive authentication is a separated beast though as it may also
be
related to risk-based authentication/authorization. Some form of calculation
based on different sources of information to obtain some score to then take
some action. It is a hell of a feature depending on how much we want to
invest in it.
Lol, that *WOULD* be cool......I always worried that step-up
authentication would be an edge case as most customers/users would
want to require 2nd factor authentication up front. Would a more
common case be that a certain client scope requires re-authentication?
i.e. to perform a sensitive operation? FYI, I'm completely
speculating here.
--
Bill Burke
Red Hat