On Tue, Jan 13, 2015 at 6:20 PM, Bill Burke <bburke@redhat.com> wrote:

On 1/13/2015 11:19 AM, Summers Pittman wrote:
> On 01/13/2015 11:11 AM, Bill Burke wrote:
>> Why does a user have to enter in the OTP generated by their mobile
>> device? Wouldn't it be cooler if the steps were:
>>
>> 1. Enter in username password in the browser
>> 2. Browser blocks and wait for...
>> 3. Press a button on your OTP iphone app
>> 4. iphone app sends an HTTP message to Keycloak with username and
>> generated OTP (in background)
>> 5. Keycloak sees if a browser app is waiting for OTP verification, then
>> verifies OTP if so.
>> 6. Browser unblocks and lets user in.
>>
>> Now, the user doesn't ever have to enter the OTP (and mess it up like I
>> do all the time). They just need their mobile device.
>>
>>
>>
> Even better, in Android this can be done from an interactive
> notification. You won't even need to open the app.
>

Probably the same in iOS, no?

the same 'interactive notification' concept exist in iOS too, that is without launching the app in the foreground, instead allowing the user to click 'Accept/Send OTP" in the notification directly and let the system call your app in the 'background' to process the request.

Christos

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev