Thanks Marek, I will check it out. Is there a way to use TOTP for step-up authentication? for instance I may log into my account using a password and just browse my profile information. I then initiate editing my address details. When I submit the edits I am prompted with an additional form of authentication (e.g. TOTP) as an authentication step up.

Kind Regards,

Niels

On Wed, Sep 9, 2015 at 6:17 PM, Marek Posolda <mposolda@redhat.com> wrote:

That's already available and it's the default setting how is Keycloak configured. In other words, the TOTP is not mandatory by default, but each user can go to the account management and setup TOTP if he wants to. Then he will always need to provide TOTP credentials during login (in other words, TOTP will become mandatory for him).

Marek

On 09/09/15 06:41, Niels Bertram wrote:
We would like to give users a choice to further enhance their profile security by enabling TOTP. We can only see this being configured at a realm level. Is it possible to enable this at an account level too?

Kind Regards,

Niels
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user