Hello, I’m currently facing the following requirement, which I think is not standard in Keycloak. The basic idea is to have 2-factor authentication, but I don’t need it on login time, only when the user attempts to execute some specific action. Therefore, setting the logic as an authenticator or as a required action does not satisfy my needs, since the user should be allowed to login in the base case. The idea I was considering is to have an additional role on user level (eg: user_verified), so that in case of having that role, the user is good to go, but in case of not having the role, he will be required to go through the additional authentication process. My question is, how can I trigger that process? Met vriendelijke groet, Federico Navarro backend developer federico@info.nl<mailto:federico@info.nl> | LinkedIn<https://www.linkedin.com/company/info-nl> | -<tel:+31205309161> info.nl<http://www.info.nl/> Sint Antoniesbreestraat 16 | 1011 HB Amsterdam | +31 (0)20 530 9100<tel:+31205309100>