[keycloak-dev] Identity first login flow

Arlen Thurber arlen.thurber at datastax.com
Wed Jun 26 13:48:08 EDT 2019


Hello Keycloak community,

I am looking for more information on an custom authentication method named
Identity first login flow. I found this concept in a keycloak Jira ticket
https://issues.jboss.org/browse/KEYCLOAK-1514
The issue was opened 03/Jul/15. There was a discussion back in February of
2018 that mentioned that this functionality would be offered "out of the
box", but i cant find any more mention of it, and the issue was just
recently
put into plan on 06/Mar/19 .

In the description of Identity first login flow :
"This makes it possible to not require a password for a user when other
authentication mechanisms are used (for example fingerprint, two-way ssl,
etc.). Also, it allows automatically redirecting to an external IdP when
the user is linked to an external IdP (either the user used the IdP to
login before or a email domain has been configured to the IdP)."

Does anyone have any more information about this concept, an example of it
working, or advice on how this login flow could be achieved? I have started
looking into a custom authenticator and authentication flow, but it would
be ideal if this functionality was built in.

Thank you,
Arlen

<http://www.datastax.com/>


More information about the keycloak-dev mailing list