[keycloak-dev] TOTP setup

[Gabriel Cardoso]

Stian,

I updated my prototype to cover the topics listed in the document: https://github.com/keycloak/keycloak/wiki/User-Account-Management.

Please check it out in https://gatein.mybalsamiq.com/projects/keycloak/grid, screens from Linda account to Linda Authorised Access 2.

Gabriel


On Aug 19, 2013, at 9:54 AM, Bill Burke wrote:

> 
> 
> On 8/19/2013 8:52 AM, Gabriel Cardoso wrote:
>> Very nice Stian!
>> 
>>> * When a user first registers there will be a checkbox to enable TOTP if the users wants to - if TOTP is required by the realm this checkbox will always be enabled (and the user won't be able to change it)
>>> * After clicking register the user is forwarded to the configure TOTP page (in user account management)
>>> * If a user doesn't complete the above form, or a user registered prior to totp being set as required for the realm, when a user tries to login the user is forwarded to the configure TOTP page
>>> * The TOTP page should list out the available TOTP providers (ATM only Google authenticator is supported) and show instructions for the user to configure it. A user should be required to enter a valid authenticator code to enable TOTP
>>> 
>>> Later a user can view the TOTP settings for his account through the user account management. If totp is not required by the realm the user can also remove the totp. A user can always change the totp, again this required providing a valid authenticator code.
>> 
>> This flow sounds good to me.
> 
> Yes.  +1 on the flow.
> 
> -- 
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20130819/d6422c35/attachment.html