Hi everyone,
Has anyone been implementing user notifications for:
Implementation of the second one is probably on the easier side of things. The first one is more challenging, though. Perhaps someone knows a Java library that provides a framework doing such checks?
I don’t know about the former issue, as this is quite difficult to determine what “unusual locations” is for you. Probably, it’s different from what somebody else expects…
For the latter, there’s the email event listener already available, you just have to enable it in your realm, by selecting it as an event-listener.
By default, it is sending mails to users for login errors, changed credentials and removed credentials. You can also configure the events you want to listen and send an email to: All provider configuration - Keycloak
IP location is really up to where you are - it should be simple enough in any observability tool or data pipeline to send an alert for any access outside of a certain geo-located IP-range.
For the second, I think it’s a similar answer - use a logging/observability tool to do things like counting credential-resets (or failed logins!), grouping by ASN, IP address, and/or user to get an idea of unusual activity. YMMV.