Re: [keycloak-user] Directs Grants API & OTP
Hmm.. I am looking at class ValidateOTP and there is initial call to
check whether OTP is configured for the user. Once you have this
authenticator OPTIONAL, it should work. Do you have this OPTIONAL? Are
you using this or other authenticator?
Marek
On 23/02/17 11:54, Stefan Schlesinger wrote:
Hello,
I’m using the Direct Grants API as authentication backend for our Radius server.
Currently I’m unable to determine whether an user already has an OTP token configured or
not,
and thus our Radius server always prompts the user with an Access-Challenge dialog.
Users who haven’t configured an OTP token yet won’t be able to login, or in case I can
work
around this issue, will at least be presented with a question for an OTP token, which
they
are not aware of.
Is there a way how I could improve this? Eg. an API call, which authenticated OpenIDC
clients can trigger?
Best,
Stefan.
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user