[keycloak-user] Login by mobile number.
Thomas Raehalme
thomas.raehalme at aitiofinland.com
Tue Oct 6 02:22:06 EDT 2015
+1 this would be great!
On Oct 6, 2015 9:14 AM, "Stian Thorgersen" <sthorger at redhat.com> wrote:
> We have plans to add step up authentication. Basically the idea is that a
> user can authenticate with a set of week credentials (username/password),
> but when the application requires stronger authentication it would redirect
> back to Keycloak which would then ask for additional authentication (otp,
> sms, etc.). This is not something that's on our immediate road-map though.
>
> On 1 October 2015 at 10:06, Travis De Silva <traviskds at gmail.com> wrote:
>
>> +1 for this feature.
>>
>> This use case is getting quite popular these days. Apart from the banks
>> that follow this procedure, you also get companies like Google that do this
>> as an extra step to prevent someone who has stolen your username/password
>> from using it to access your content.
>>
>> A would like to suggest a few additional features around this requirement
>> for it to be more valuable.
>>
>> 1. Option in KeyCloak to set if the SMS should be sent for all login
>> attempts or only when logging in from a new device like who you get with
>> Google
>>
>> 2. A set of actions that could trigger the SMS - For example let's say I
>> have a banking web app and if the user logs in and does a funds transfer
>> above a certain limit, I should be able to from my app trigger an SMS auth.
>> Not sure if this is part of OAuth2 or OIDC but I have encountered quite a
>> few applications following this flow to prevent identify theft.
>>
>>
>>
>> On Thu, 1 Oct 2015 at 17:52 Stian Thorgersen <sthorger at redhat.com> wrote:
>>
>>> Using SMS as a two factor auth mechanism is on the road-map, but not in
>>> the near future. The idea is basically that the server creates a unique
>>> code, sends it in SMS, and the user would then copy it back to the login
>>> screen. Issue with it is that we first need to allow users to select what
>>> two factor auth mechanism they want to use. They could have a hardware OTP
>>> token for example, but as they don't have it with them they could use the
>>> SMS code as a backup. We also have tons of other things ahead of it in the
>>> queue.
>>>
>>> I'm a bit curious about your use-case. You basically want a user to
>>> login with mobile number + password, and also use a code sent over SMS as a
>>> two factor auth? Or do you have something different in mind?
>>>
>>>
>>>
>>>
>>>
>>> On 1 October 2015 at 09:45, Anunay Sinha <
>>> anunay.sinha at arvindinternet.com> wrote:
>>>
>>>> Hi Stian,
>>>> I have question about login through mobile devices in general,
>>>> where I would like to login via mobile number, get an OTP on my number
>>>> and use it to register/login into the system,
>>>>
>>>> For the number I can follow your instructions but am looking to provide
>>>> for OTP as well (I am exploring this). It will be nice to have it out of
>>>> the box :)
>>>>
>>>> Is such a option there in the Keycloak's roadmap ?
>>>> If so what is the rough timeline?
>>>>
>>>> On Thu, Oct 1, 2015 at 1:06 PM, Stian Thorgersen <sthorger at redhat.com>
>>>> wrote:
>>>>
>>>>> You would need to create a custom authenticator for it. Take a look at
>>>>> http://keycloak.github.io/docs/userguide/html/auth_spi.html
>>>>>
>>>>> On 30 September 2015 at 15:34, Revanth Ayalasomayajula <
>>>>> revanth at arvindinternet.com> wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> I have an application that is secured by Keycloak. I am able to login
>>>>>> using username/email and password. I also want to implement login via phone
>>>>>> number. Could anybody help me how to store the phone number for a user and
>>>>>> also how to use it to login the user.
>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> - Anunay
>>>>
>>>
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20151006/b391b3e6/attachment.html
More information about the keycloak-user
mailing list