Can I use SMS OTP Authentication in Keycloak?


We are using Keycloak 11.0.2 for common Auth in a microservice architecture. One of our client requirement is app need to log-in using user-id and with SMS OTP (Twilio provider). Is there is any plugin available to cover this option in Keycloak?

Could you please share me the valid working plugin, documentation or any samples which are already developed on the requirement? (any relevant documentation)

We are using Java 11


I have an example here, using AWS SNS as SMS provider:

Using Twilio, you have to implement the SmsService interface for Twilio yourself, I don’t know the Twilio API. But the rest of the Keycloak authenticator you can use of course as a good starting point.

Docs for the authenticator are not ready yet, but it should be obvious from the code, hopefully.

Have a look at the repo!
Does it help?

Thanks for your quick response and help.
Since I am new to Keycloak implementation, could you please clarify me on below points

  • Where I have to upload this Jar file, and any other setting I have to do in Keycloak portal
  • Did need to move template file to a server

Also, I like to add this log-in flow to one of the clients in the realm.

You should read (and understand) the developer docs here:

After deploying the custom authenticator, you have to create a new authentication flow in admin UI to use this authenticator as an execution. In this flow/execution, you can (or have to, depends on your authenticator) configure the authenticator.

With my example, it’s not necessary to deploy an extra template, as it comes along with the resources of the authenticator jar. It’s suits the needs if you use a theme based on the base-template. If you have a completely different theme, you have to adjust the theme-resources from the authenticator and deploy it with your own extension or separately with your theme.

Please, read the docs first!!