[keycloak-user] Alternative sub flow
Matt Evans
mevans at aconex.com
Tue Mar 21 01:23:33 EDT 2017
Hi
I have been trying to configure a keycloak flow but have not been successful, and I am wondering if what I am trying to do is possible.
We have the standard flows
Cookie
Kerberos
Identity Provider Redirector
Browser
Inside the Browser flow we have
Username Password Form
2SV - sub flow required
OTP execution - alternative
SMS execution - alternative
The OTP and SMS executions are custom authenticators, that I'd like to have at least one of them.
With this configuration I can see the OTP authenticator returns a form from the challenge method, but it doesn't show the form. The authentication just passes and I am logged in without asking for either the otp or the sms code.
Can I use the alternative requirements in this way?
Matt
More information about the keycloak-user
mailing list