7:48 p.m.
Hello Keycloak community,
I am looking for more information on an custom authentication method named
Identity first login flow. I found this concept in a keycloak Jira ticket
https://issues.jboss.org/browse/KEYCLOAK-1514
The issue was opened 03/Jul/15. There was a discussion back in February of
2018 that mentioned that this functionality would be offered "out of the
box", but i cant find any more mention of it, and the issue was just
recently
put into plan on 06/Mar/19 .
In the description of Identity first login flow :
"This makes it possible to not require a password for a user when other
authentication mechanisms are used (for example fingerprint, two-way ssl,
etc.). Also, it allows automatically redirecting to an external IdP when
the user is linked to an external IdP (either the user used the IdP to
login before or a email domain has been configured to the IdP)."
Does anyone have any more information about this concept, an example of it
working, or advice on how this login flow could be achieved? I have started
looking into a custom authenticator and authentication flow, but it would
be ideal if this functionality was built in.
Thank you,
Arlen
<http://www.datastax.com/>
8:32 p.m.
We are planning to add this later in the year as it is related to webauthn
passwordless logins. Not much more information around it at this point
though.
On Wed, 26 Jun 2019, 20:04 Arlen Thurber, <arlen.thurber(a)datastax.com>
wrote:
Hello Keycloak community,
I am looking for more information on an custom authentication method named
Identity first login flow. I found this concept in a keycloak Jira ticket
https://issues.jboss.org/browse/KEYCLOAK-1514
The issue was opened 03/Jul/15. There was a discussion back in February of
2018 that mentioned that this functionality would be offered "out of the
box", but i cant find any more mention of it, and the issue was just
recently
put into plan on 06/Mar/19 .
In the description of Identity first login flow :
"This makes it possible to not require a password for a user when other
authentication mechanisms are used (for example fingerprint, two-way ssl,
etc.). Also, it allows automatically redirecting to an external IdP when
the user is linked to an external IdP (either the user used the IdP to
login before or a email domain has been configured to the IdP)."
Does anyone have any more information about this concept, an example of it
working, or advice on how this login flow could be achieved? I have started
looking into a custom authenticator and authentication flow, but it would
be ideal if this functionality was built in.
Thank you,
Arlen
<http://www.datastax.com/>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
11:38 p.m.
Hello,
I just gave this a quick spin:
https://github.com/thomasdarimont/keycloak-extension-playground/tree/mast...
For a demo see also
https://twitter.com/thomasdarimont/status/1144357602094194688
Would be great to have something like that directly in Keycloak :)
Cheers,
Thomas
On Wed, 26 Jun 2019 at 20:35, Stian Thorgersen <sthorger(a)redhat.com> wrote:
We are planning to add this later in the year as it is related to
webauthn
passwordless logins. Not much more information around it at this point
though.
On Wed, 26 Jun 2019, 20:04 Arlen Thurber, <arlen.thurber(a)datastax.com>
wrote:
> Hello Keycloak community,
>
> I am looking for more information on an custom authentication method
named
> Identity first login flow. I found this concept in a keycloak Jira ticket
> https://issues.jboss.org/browse/KEYCLOAK-1514
> The issue was opened 03/Jul/15. There was a discussion back in February
of
> 2018 that mentioned that this functionality would be offered "out of the
> box", but i cant find any more mention of it, and the issue was just
> recently
> put into plan on 06/Mar/19 .
>
> In the description of Identity first login flow :
> "This makes it possible to not require a password for a user when other
> authentication mechanisms are used (for example fingerprint, two-way ssl,
> etc.). Also, it allows automatically redirecting to an external IdP when
> the user is linked to an external IdP (either the user used the IdP to
> login before or a email domain has been configured to the IdP)."
>
> Does anyone have any more information about this concept, an example of
it
> working, or advice on how this login flow could be achieved? I have
started
> looking into a custom authenticator and authentication flow, but it would
> be ideal if this functionality was built in.
>
> Thank you,
> Arlen
>
> <http://www.datastax.com/>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
1764
days inactive
1765
days old
2 comments
3 participants
participants (3)
-
Arlen Thurber -
Stian Thorgersen -
Thomas Darimont