[keycloak-user] Login via Magic URL
Thomas Richner
thomas.richner at oviva.com
Fri Oct 26 10:07:24 EDT 2018
Hi All,
I'm trying to lower the barrier for users by sending them a 'magic'
link to login without a password into a mobile app.
The general flow would be as following:
1. backend requests 'single use token' from Keycloak via API
2. backend sends email with this token to user via e.g. email as part
of a magic link
3. user opens the link on a mobile device
4. the uri scheme/domain is registered in the mobile OS for a specific
app, app gets opened
5. mobile app exchanges 'single use token' for a refresh token
6. user is logged in :)
As I understand there is no such flow available in Keycloak. Looking
at the SPI interfaces one might be able to implement something like
this by adding custom API endpoints and ActionTokenHandler.
Since I doubt I'm the first one to explore magic deep links with
Keycloak, did anybody already implement that? Did I miss a feature
that already exists? Is there an easier way to achieve this with
Keycloak?
Cheers,
Thomas
More information about the keycloak-user
mailing list