[keycloak-user] Keycloak & Forced Authentication
Bill Burke
bburke at redhat.com
Tue May 24 11:12:07 EDT 2016
Our SAML client adapters have no way to force authentication, but the
server does support SAML ForceAuth=true. There's a similar thing for OIDC.
You could also extend the Cookie authenticator to ignore the cookie
check if a certain client is requesting authentication.
On 5/24/16 8:53 AM, John D. Ament wrote:
> Hi,
>
> I was wondering if there was any way in Keycloak to force the
> authentication of a user?
>
> From my application, I may need a user to reverify their credentials.
> They will likely already have a session with keycloak open, but I need
> them to re-enter their credentials. Is there a way to do this? Or
> even an API call I can make with the user's credentials to verify them?
>
> Likewise, I need to be able to provide a SAML ForceAuth=true. Is this
> possible in Keycloak?
>
> John
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160524/9bdd9ffd/attachment.html
More information about the keycloak-user
mailing list