[keycloak-user] Multiple direct access flows within a realm

Shailesh Kochhar shailesh.kochhar at gmail.com
Tue Aug 8 05:13:15 EDT 2017


Hi everyone,

I am trying to understand if keycloak can support an authentication
scenario. I have a realm which has multiple trusted clients authenticating.
Some are mobile clients and some are web based clients. These clients use
direct access token flow to exchange user credentials for a token.

We'd like to support different credentials based on the client. I'd one
client (web) to be able to use username/password for a token while another
(mobile) client uses username and secure token like an OTP or a RSA
SecurID.

I have been able to create custom flows in my relam from the admin console
and I can setup a flow which requires OTPs. However, I am unable to
configure the flow per client. The only option I have been able to find is
to change the flow for an entire realm.

So my question is, is it possible to configure the OAuth flow in keycloak
at the client level? If not, are there extension possibilities which could
make this feasible?


Thanks,
Shailesh


More information about the keycloak-user mailing list