Neither server-private-spi or authorization api hasn't anything to do with
what you are trying to achieve.
You need to use the direct grant api and include otp code has "totp" in the
On 9 January 2017 at 11:54, Stefan Schlesinger <sts(a)ono.at> wrote:
A colleague of mine pointed me to the following commit, which looks
it moved some things to a "server-spi-private”.
Could this be related?
> On 08 Jan 2017, at 11:48, Stefan Schlesinger <sts(a)ono.at> wrote:
> Hi Thomas,
> I’m trying to use the examples provided in the thread you pointed me at,
> but the last call to the validation endpoint gives me a 404.
> I also tried to find documentation, but apart from the admin REST API
> and the Authorization API (which covers basic usage) I couldn’t find
> My test script:
>  Authorization API - https://keycloak.gitbooks.io/
>> On 07 Jan 2017, at 14:31, Thomas Darimont <thomas.darimont@googlemail.
>> have a look at this example from the mailing list:
>> 2017-01-06 16:17 GMT+01:00 Stefan Schlesinger <sts(a)ono.at>:
>>> Anyone knows how to verify an OTP (TOTP) token against the Keycloak
Openid REST API for clients with direct access grants enabled?
> keycloak-user mailing list
keycloak-user mailing list