I want to used IdP brokered login only and in my case it offers a much higher assurance level of the user identity than keycloaks userid/password and I would like to thoroughly disable that method for logging in. I am using Keycloak 16.1.0.
I have looked around as good as I could and it seems to be different opinions and solutions for disabling password login. And I just want to make sure that I have thought of everything.
- Created a new theme and removed all mentions on password logins.
- Disabled everything from the “Login”-Tab of “Realm Settings”.
- Routing from internt only towards auth/realms och auth/resources
- Set regular expressions to \A(?!x)x on password policy and maximum length to -1
Anything else that comes to mind?