I am wondering if Keycloak has the functionality to disable a user if they try to sign in from overseas?
We are trying to deny access outside of country due to legal requirements of the data stored.
There’s no such option available ootb.
But you can implement a custom authenticator and use it in a customized authentication flow, so that if the users ip address doesn’t match your desired countries, authentication will be aborted.