It should be fairly easy to add support for OTP as well as the direct grant supports that. The user would have to specify to use OTP though.

On 21 July 2016 at 19:15, Bruno Oliveira <bruno@abstractj.org> wrote:
Nice work Marko! I had two (not big deal) questions. First, when you
specify the --cache parameters as you did for SAML, could the cache file be omitted?

For example: kcreg --cache -r saml-realm ...

I was thinking that once you specified the realm name, the API will just
look for ~/.keycloak/saml-realm.cache. It's just an idea.

Second question, is more like something to think if worth to take
into consideration. Most of the examples that I saw, make use of
username/password. But if the admin enables two factor authentication,
she might be unable to use our client-reg CLI, or enforce weaken security only
to make use of the CLI.

Is OTP support planned for further iterations?


On 2016-07-21, Marko Strukelj wrote:
> And if anyone wants to get their feet wet already:
>
> https://github.com/mstruk/keycloak/tree/cli-reg/integration/client-registration-cli-tool
>
>
> On Thu, Jul 21, 2016 at 4:06 PM, Stian Thorgersen <sthorger@redhat.com>
> wrote:
>
> > Great work Marko!
> >
> > As we didn't have time to go through feedback let's use this thread for
> > it. Add your questions and comments here please.
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev@lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >

> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev@lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev


--

abstractj
PGP: 0x84DC9914