[keycloak-user] 2FA via REST API -> server-spi-private?
Stian Thorgersen
sthorger at redhat.com
Mon Jan 9 07:32:40 EST 2017
Take a look at
https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/oidc-generic.html
On 9 January 2017 at 12:54, Stefan Schlesinger <sts at ono.at> wrote:
> Can you give an example where to post the mentioned data? The curl call
> I’m trying to do, gives me a 404:
>
> curl -v \
> -H "Authorization: Bearer $ACCESS_TOKEN" \
> -H "Content-Type: application/json" \
> -d "[{"\""type"\"":"\""totp"\"","\""value"\"":"\""$OTP_CODE"\""}]" \
> $BASE_URL/realms/$REALM/credential-validation
>
> Best, Stefan
>
> > On 09 Jan 2017, at 12:47, Stian Thorgersen <sthorger at redhat.com> wrote:
> >
> > Neither server-private-spi or authorization api hasn't anything to do
> with what you are trying to achieve.
> >
> > You need to use the direct grant api and include otp code has "totp" in
> the form data.
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list