We don't have support for step-up authentication at the moment. It's on our
radar though.
You may be able to do something with custom authenticator, but probably not
with the script authenticator.
On 10 January 2017 at 21:41, Santosh Haranath <santosh.haranath(a)gmail.com>
wrote:
In continuation -
With Step-Up Authentication, applications that allow access to
different types of resources can require users to authenticate with a
stronger authentication mechanism to access sensitive resources.
How can we implement step-up authentication with Keycloak ? Is there
an implementation of Authentication Context Class Reference within
Keycloak?
On Tue, Jan 10, 2017 at 12:36 PM, Santosh Haranath
<santosh.haranath(a)gmail.com> wrote:
> Does Script Authenticator in Authentication flow provide a way to
> manage session timeout as per level of assurance. Example 2 FA is
> valid for 20 mins but local LDAP authn is valid for 60 mins.
>
> How can we implement this requirement with keycloak?
>
> Thanks
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user