Hi all, is it possible to use an external IdP together with Keycloak-based OTP? When I create a flow where the first level is username+pwd and the second level is OTP, it works OK. But after replacing username+pwd with an external IdP (SAML), it fails. Thanks for the answer.
mbonn
August 10, 2022, 3:01pm
Hi,
Keycloak does not continue executing a login flow when returning from an upstream IdP. When returning from an IdP, the flow is always finished:
Hi all,
Is there a way to configure authenticator executions to run after the IDP brokering completes?
The only way I have figured out how to do this is to create a custom post-broker-login flow, and set it as the IDP’s post-broker-login flow.
While this is technically possible, it means I have to write all of my custom authenticators in such a way that they are able to run for every login from this IDP.
For example, I have a custom authenticator that I only want to run after brokered logins…
A workaround is to define an extra flow containing the OTP authenticator and to configure this extra flow as the post-broker-login flow:
Hello,
We would like to use Google or Microsoft IdP.
That works fine.
BUT we would also like to force 2FA when authenticating through these social IdPs.
→ How do we proceed correctly?
We tried to configure a post-login flow like this:
[image]
BUT we got the error below ==> Why?
[image]
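An added example, not part of the thread or of Keycloak's own code: a check over a realm export that reports, for each identity provider, whether its post-broker-login flow actually requires the OTP form, as the workaround above describes. The sample realm and its aliases are constructed; the field names and the `auth-otp-form` provider id are assumed to match Keycloak's realm export format.

```python
import json

# Constructed sample shaped like a realm export; all aliases are hypothetical.
SAMPLE_REALM = json.loads("""{
 "identityProviders": [
  {"alias": "corp-saml", "postBrokerLoginFlowAlias": "post-broker-otp"},
  {"alias": "partner-saml"},
  {"alias": "legacy-oidc", "postBrokerLoginFlowAlias": "post-broker-alt"}],
 "authenticationFlows": [
  {"alias": "post-broker-otp", "authenticationExecutions": [
    {"authenticatorFlow": true, "flowAlias": "otp-sub", "requirement": "REQUIRED"}]},
  {"alias": "otp-sub", "authenticationExecutions": [
    {"authenticator": "auth-otp-form", "requirement": "REQUIRED"}]},
  {"alias": "post-broker-alt", "authenticationExecutions": [
    {"authenticator": "auth-otp-form", "requirement": "ALTERNATIVE"}]}]
}""")

OTP_AUTHENTICATOR = "auth-otp-form"  # assumed provider id of the built-in OTP Form

def flow_enforces_otp(flows, alias, seen=None):
    """True if the flow reaches a REQUIRED OTP step through REQUIRED executions only."""
    seen = set() if seen is None else seen
    if alias in seen or alias not in flows:
        return False  # unknown alias or a cycle between subflows
    seen.add(alias)
    for ex in flows[alias].get("authenticationExecutions", []):
        if ex.get("requirement") != "REQUIRED":
            continue  # ALTERNATIVE, CONDITIONAL and DISABLED steps may not run
        if ex.get("authenticator") == OTP_AUTHENTICATOR:
            return True
        if ex.get("flowAlias") and flow_enforces_otp(flows, ex["flowAlias"], seen):
            return True
    return False

def audit_brokered_otp(realm):
    """Map each IdP alias to a finding about its post-broker-login flow."""
    flows = {f["alias"]: f for f in realm.get("authenticationFlows", [])}
    findings = {}
    for idp in realm.get("identityProviders", []):
        alias = idp.get("postBrokerLoginFlowAlias")
        if not alias:
            findings[idp["alias"]] = "no post-broker-login flow"
        elif flow_enforces_otp(flows, alias):
            findings[idp["alias"]] = "otp required"
        else:
            findings[idp["alias"]] = "flow set, otp not required"
    return findings

if __name__ == "__main__":
    print(json.dumps(audit_brokered_otp(SAMPLE_REALM), indent=2))
```

An identity provider reported as "no post-broker-login flow" finishes login as soon as the upstream IdP returns, which is the behaviour described in the reply above.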