[keycloak-user] Force additional authentication for specific pages?
Eric B
ebenzacar at gmail.com
Sun Jun 3 11:33:07 EDT 2018
I'm not sure how this can be done in Keycloak, but I suspect that it must
be feasible. Is there a way to use Resources, or something similar, that
would force an already-authenticated user to reauthenticate himself when
accessing a specific set of resources?

For example, if a user wants to access high-level administrative functions,
I would like for the user to reauthenticate themselves again. This
reauthentication could be valid for a finite period of time (ex: 5 mins),
before the user would have to once again reauthenticate themselves to
continue using the high-level admin functions.

During the period where the user re-authenticates himself for the
high-level functions, I want his existing Keycloak session to continue as
it was; there should be no interruption in his original session or
credentials.

I've been looking to see if there was a way to use Keycloak Authorization
Resources and Permissions to accomplish this. Are there any good examples
or docs that could help steer me? Or am I looking down the wrong path?

Thanks,

Eric