That's already available and it's the default setting how is Keycloak configured. In other words, the TOTP is not mandatory by default, but each user can go to the account management and setup TOTP if he wants to. Then he will always need to provide TOTP credentials during login (in other words, TOTP will become mandatory for him).

Marek

On 09/09/15 06:41, Niels Bertram wrote:

We would like to give users a choice to further enhance their profile security by enabling TOTP. We can only see this being configured at a realm level. Is it possible to enable this at an account level too?

Kind Regards,

Niels
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user