[keycloak-dev] Single Page to manage credentials

Bruno Oliveira bruno at abstractj.org
Mon Nov 25 15:07:40 EST 2019


Good afternoon, 

Stan started the work here[1] to provide a single page to manage
credentials based on the New Account console feedback[2], you can have
an idea about how it looks like based on this screenshoot[3]. Please
keep in mind that this is a WIP.

Based on the mock-up[2] provided in the same document, there are some
items that we need to clarify to move forward.

1. Is this a toggle switch like (ON/OFF) for "Two-factor authentication"
or just informative to show that 2FA is turned on? If that's a toggle
should we handle this with AIA, by asking the user to re-authenticate?
Today, we don't do this.

2. Mobile Authenticator - Hamburger menu with actions like
delete/update. IMO does not make sense to provide "update" as one of the
actions. Maybe delete and view to display all the devices enrolled.

3. Backup codes. Are we going to provide this? I'd say no, but it's
better to confirm.

4. Additional two-factor authenticators. At the moment we don't have any
way to use SMS, so I assume we're going to remove this. It seems to me
that the Web Authentication section overlaps with the "Passwordless"
section, but I can be wrong.  Maybe we should choose which one we would
like to keep to avoid confusion?

5. Passwordless section. Is the ON/OFF informative or a toggle switch
between both states?

6. Passwordless/Web Authentication. As I mentioned before, it seems to
me as an overlap. But I can be wrong.

Another thing that I was thinking for "Web Authentication" is to show an
hamburger menu with (Set up/View/Remove) instead of just "Set up".

Any thoughts?

[1] - https://github.com/keycloak/keycloak/pull/6516
[2] - https://i.imgur.com/UWn3mch.png 
[3] - https://i.imgur.com/1RKwx4A.png

-- 

abstractj


More information about the keycloak-dev mailing list