Re: [keycloak-user] How to integrate 3rd-party 2FA with Keycloak

On 14 Jun 2019, at 13:21, Lukasz Lech <l.lech(a)ringler.ch&gt; wrote: Hello, What would exactly mean 'extending existing OTPs'? Does it mean modifying Keycloak sources, or providing your own extension (via SPI)? Keycloak-sms-authenticator-sns configured in the way described in README works really strange. It is always active, but Is not validating token unless you set SMS to REQUIRED etc. Is it a productive project or a kind of an abandoned experiment / research ? Best regards, Lukasz Lech -----Original Message----- From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Lukasz Dywicki Sent: Freitag, 14. Juni 2019 12:20 To: Hyunji Kim <hyunji.kim(a)broadcom.com>; keycloak-user(a)lists.jboss.org Subject: Re: [keycloak-user] How to integrate 3rd-party 2FA with Keycloak Hey Hyunji, In order to integrate additional OTP you have two ways: 1) extend existing OTPs (google, freeotp) and add your own 2) create own browser frow with your custom otp action I believe the later one is easier as it can be done without modifying existing Keycloak sources. A nice example with completely new Authenticator is available at github: https://github.com/UKGovernmentBEIS/keycloak-sms-authenticator-sns Best regards, Łukasz -- Code-House http://code-house.org > On 12.06.2019 23:58, Hyunji Kim wrote: > Hello all, > > is there any way to integrate a 3rd-party 2FA with Keycloak so that > the OTP code is validated by the 2FA outside Keycloak? > > My team is using Authy for 2FA and I'm trying to figure out how to > integrate it with Keycloak. > > Thank you, > Hyunji > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user > _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user