[keycloak-dev] Postpone TOTP SPI to after 1.0.final

Stian Thorgersen stian at redhat.com
Wed Jul 30 04:53:08 EDT 2014


A general authentication plugin SPI for clients should be relatively straightforward, not sure about users though.

Credentials for users requires changes to the login flow as well as account management pages, so could be tricky to do it in a generic way.

Worth a try though! So let's wait until after 1.0.final with the TOTP work.

----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Tuesday, 29 July, 2014 10:36:50 PM
> Subject: Re: [keycloak-dev] Postpone TOTP SPI to after 1.0.final
> 
> By authentication plugin SPI, I actually mean a credential type plugin
> SPI.  Have a user requesting that they be able to plug in their own
> client-cert verification mechanism.
> 
> On 7/29/2014 5:33 PM, Bill Burke wrote:
> > Could this TOTP SPI turn into a general authentication plugin SPI?  Just
> > had an inquiry for that type of SPI.
> >
> > On 7/29/2014 8:51 AM, Stian Thorgersen wrote:
> >> Due to there being quite a lot of work to do the required updates to
> >> properly do a TOTP SPI I propose we post-pone this to 1.1.0.
> >>
> >> The work would include:
> >>
> >> * A TOTP SPI
> >> * Account management needs to support multiple TOTPs
> >> * Select TOTP provider to configure if required to setup TOTP on login
> >> * Select TOTP provider to use at login if user has multiple
> >> * Configure what TOTP are permitted for a realm
> >> * Remember TOTP option (don't ask for TOTP in 30 days on this machine)
> >> * Email implementation (send a OTP through email)
> >> * SMS implementation (use an example SMS cloud service to send OTP) - this
> >> would also require additional fields to registration
> >> * At least one other TOTP implementation (FreeOTP and Yubikey)
> >> * ...
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >>
> >
> 
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 


More information about the keycloak-dev mailing list