Hello everyone,
I’m implementing a custom Conditional Authentication Factory, within my logic I would like to check if the user has OTP devices registered or not.
Does anyone know the API to get list of OTP Devices of a User?
Thanks,
Tuan Do
Have you checked the following?
{user}.credentialManager().getStoredCredentialsByTypeStream(OTPCredentialModel.TYPE)
1 Like
Thank you here is my code after searching keycloak code:
OTPCredentialProvider otpCredentialProvider = (OTPCredentialProvider)context.getSession().getProvider(CredentialProvider.class, OTPCredentialProviderFactory.PROVIDER_ID);
return otpCredentialProvider.isConfiguredFor(context.getAuthenticationSession().getRealm(), context.getUser());
You initial question is ambigiously worded.
First, you ask for “if the user has OTP devices registered or not”, then “the API to get list of OTP Devices of a User”. Also the title of your post asks for the list of OTP devices of a user.
Your resulting code solves the former, @embesozzi told you the code for the latter.
Always make sure to formulate your questions clearly.
1 Like
that’s very good point. I think during the asking I found the new APIs which I post to just tell me if User get OTP device configured or not to continue the process authentication.
Next time I will make my question more clearly and updated according to the context thank you.
1 Like