I’m starting to use keycloak and for now it works with the normal login workflows. I’m able to login users with username and password.
I need to use it also with hard tokens(OTP) for multi factor login is it possible to implement a workflow that requires first the normal username/password and then this external OTP provider?
As extra information this external OTP have a radius interface.
I’m not able to find any documentation regarding this. Anyone can guide me?
Thank you
Julio Carreira
You can achieve this today with a custom authenticator for the hard-token. However, there are quite a few limitations with regards to adding custom two factor mechanisms today, which we are working to resolve as part of introducing support for WebAuthN (see https://issues.jboss.org/browse/KEYCLOAK-7159 for more details).
Thank you for your reply Stianst,
I don’t know if I should open a new question, but i have a question related to this one.
If I only want to authenticate (once) against a Radius server is there already a module or I need to build my own?
Thank you again