[keycloak-user] How to integrate 3rd-party 2FA with Keycloak

Łukasz Dywicki luke at code-house.org
Sat Jun 15 02:10:12 EDT 2019 

I would say that project itself is good enough to be used as kind of starting point for similar requirements. Both OTP and SMS validation require additional step in login and/or registration process.
The way to go in such cases is plugging additional Authenticator instances int the flow.

Cheers,
Łukasz Dywicki
--
Code-House
http://code-house.org

> On 14 Jun 2019, at 13:21, Lukasz Lech <l.lech at ringler.ch> wrote:
> 
> Hello,
> 
> What would exactly mean 'extending existing OTPs'? Does it mean modifying Keycloak sources, or providing your own extension (via SPI)?
> 
> Keycloak-sms-authenticator-sns configured in the way described in README works really strange. It is always active, but Is not validating token unless you set SMS to REQUIRED etc. 
> Is it a productive project or a kind of an abandoned experiment / research ?
> 
> Best regards,
> Lukasz Lech
> 
> 
> -----Original Message-----
> From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Lukasz Dywicki
> Sent: Freitag, 14. Juni 2019 12:20
> To: Hyunji Kim <hyunji.kim at broadcom.com>; keycloak-user at lists.jboss.org
> Subject: Re: [keycloak-user] How to integrate 3rd-party 2FA with Keycloak
> 
> Hey Hyunji,
> In order to integrate additional OTP you have two ways:
> 1) extend existing OTPs (google, freeotp) and add your own
> 2) create own browser frow with your custom otp action
> 
> I believe the later one is easier as it can be done without modifying existing Keycloak sources.
> A nice example with completely new Authenticator is available at github:
> https://github.com/UKGovernmentBEIS/keycloak-sms-authenticator-sns
> 
> Best regards,
> Łukasz
> --
> Code-House http://code-house.org
> 
>> On 12.06.2019 23:58, Hyunji Kim wrote:
>> Hello all,
>> 
>> is there any way to integrate a 3rd-party 2FA with Keycloak so that 
>> the OTP code is validated by the 2FA outside Keycloak?
>> 
>> My team is using Authy for 2FA and I'm trying to figure out how to 
>> integrate it with Keycloak.
>> 
>> Thank you,
>> Hyunji
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list