[keycloak-dev] OAuth2 Incremental Authorization
Bill Burke
bburke at redhat.com
Wed Apr 25 11:06:01 EDT 2018
On Wed, Apr 25, 2018 at 10:45 AM, Pedro Igor Silva <psilva at redhat.com> wrote:
> Adaptive authentication is a separated beast though as it may also be
> related to risk-based authentication/authorization. Some form of calculation
> based on different sources of information to obtain some score to then take
> some action. It is a hell of a feature depending on how much we want to
> invest in it.
>
Lol, that *WOULD* be cool......I always worried that step-up
authentication would be an edge case as most customers/users would
want to require 2nd factor authentication up front. Would a more
common case be that a certain client scope requires re-authentication?
i.e. to perform a sensitive operation? FYI, I'm completely
speculating here.
--
Bill Burke
Red Hat
More information about the keycloak-dev
mailing list