2:57 a.m.
User can register through a mobile number. He will be sent an OTP on his
mobile number (for verification and first time login)
Once verified and he logs in for the first time he can set his password.
Similar workflow will be used if he wants to recover his password. He will
get a OTP on his mobile that will allow him to log in and he can reset his
password thereafter.
2 Factor Authentication is not something we are looking at yet, though it
will be good to have
On Thu, Oct 1, 2015 at 1:22 PM, Stian Thorgersen <sthorger(a)redhat.com>
wrote:
Using SMS as a two factor auth mechanism is on the road-map, but not
in
the near future. The idea is basically that the server creates a unique
code, sends it in SMS, and the user would then copy it back to the login
screen. Issue with it is that we first need to allow users to select what
two factor auth mechanism they want to use. They could have a hardware OTP
token for example, but as they don't have it with them they could use the
SMS code as a backup. We also have tons of other things ahead of it in the
queue.
I'm a bit curious about your use-case. You basically want a user to login
with mobile number + password, and also use a code sent over SMS as a two
factor auth? Or do you have something different in mind?
On 1 October 2015 at 09:45, Anunay Sinha <anunay.sinha(a)arvindinternet.com>
wrote:
> Hi Stian,
> I have question about login through mobile devices in general,
> where I would like to login via mobile number, get an OTP on my number
> and use it to register/login into the system,
>
> For the number I can follow your instructions but am looking to provide
> for OTP as well (I am exploring this). It will be nice to have it out of
> the box :)
>
> Is such a option there in the Keycloak's roadmap ?
> If so what is the rough timeline?
>
> On Thu, Oct 1, 2015 at 1:06 PM, Stian Thorgersen <sthorger(a)redhat.com>
> wrote:
>
>> You would need to create a custom authenticator for it. Take a look at
>> http://keycloak.github.io/docs/userguide/html/auth_spi.html
>>
>> On 30 September 2015 at 15:34, Revanth Ayalasomayajula <
>> revanth(a)arvindinternet.com> wrote:
>>
>>> Hi all,
>>>
>>> I have an application that is secured by Keycloak. I am able to login
>>> using username/email and password. I also want to implement login via phone
>>> number. Could anybody help me how to store the phone number for a user and
>>> also how to use it to login the user.
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
> --
> - Anunay
>
--
- Anunay