[keycloak-user] Logging in using REST-API to realm with customized browser flow
Lukasz Lech
l.lech at ringler.ch
Wed Jul 3 11:15:12 EDT 2019
Hello,
I've created custom browser flow with additional 2fa step (based on https://github.com/gwallet/keycloak-sms-authenticator).
If I log in using browser, I'm challenged to enter the code sent by SMS.
However, I was able to log in using REST-API, bypassing the extra security.
Is it some misconfiguration or known behavior?
Custom flow is chosen under Authentication->Bindings.
Best regards,
Lukasz Lech
More information about the keycloak-user
mailing list