Incorporating Magic Link into browser authentication flow

I am in the process of integrating a magic link authentication execution into a copy of the browser auth flow, based on stianst/keycloak-experimental/magic-link. I have successfully built and deployed the provider.

Adding the magic-link execution results in the “Try another way” link appearing. The user can then click on this and use the magic-link provider to authenticate. The problem is, when the user clicks on the magic link, they are presented with the login form again.

When magic link is ahead of the username password form in the flow, the link works fine. But, my preference would be for the user to see the login form first, and then switch to the magic link if desired.

The magic-link plugin uses this code to come up with the link:
String link = KeycloakUriBuilder.fromUri(context.getRefreshExecutionUrl()).queryParam("key", key).build().toString();

From what I can tell, the generated link includes an execution parameter that is the correct id for the magic-link executor

However when the link is clicked, the execution param is ignored and the login prompt is displayed.

Any suggestions for how to implement the auth flow I’m aiming for would be appreciated. Alternatively, if someone has a suggestion on how to modify the login template such that I could add a link to a magic-link auth flow directly (rather than having to go through the “try another way”) that would also be appreciated.


It uses a different extension, but you can make this one generate a link directly: Magic Link login: Authenticator and Resource