7:53 a.m.
Hi,
I was wondering if there was any way in Keycloak to force the
authentication of a user?
From my application, I may need a user to reverify their credentials.
They
will likely already have a session with keycloak open, but I need them to
re-enter their credentials. Is there a way to do this? Or even an API
call I can make with the user's credentials to verify them?
Likewise, I need to be able to provide a SAML ForceAuth=true. Is this
possible in Keycloak?
John
10:12 a.m.
Our SAML client adapters have no way to force authentication, but the
server does support SAML ForceAuth=true. There's a similar thing for OIDC.
You could also extend the Cookie authenticator to ignore the cookie
check if a certain client is requesting authentication.
On 5/24/16 8:53 AM, John D. Ament wrote:
Hi,
I was wondering if there was any way in Keycloak to force the
authentication of a user?
From my application, I may need a user to reverify their credentials.
They will likely already have a session with keycloak open, but I need
them to re-enter their credentials. Is there a way to do this? Or
even an API call I can make with the user's credentials to verify them?
Likewise, I need to be able to provide a SAML ForceAuth=true. Is this
possible in Keycloak?
John
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
3152
days inactive
3152
days old
1 comments
2 participants
participants (2)
-
Bill Burke -
John D. Ament