OTP via sms/email and OTP token duration

Hi all,
my company decided to use KeyCloak and i need to understand if it’s possible to implement the following list of requests:

  • OTP must be provided not only via GoogleAuthenticator or FreeOTP app but also via email and sms ( user is free to choose which of these 3 methods to use)
  • OTP session must be time-boxed ( it must last 10days) and be tied to a device: let’s me try to explain better… once the user has logged in inserting the OTP, for the nexts 10 days he will no longer be asked to enter the OTP code unless he has changed his browser.

Is it possibile to do it with KeyCloak?
Could you give me some info/hints?

Sorry for my english… i hope i was able to explain my problems.

Best Regards,

This is the exact scenario we are searching for. We would be very appreciative of any help.

See my blog post and the corresponding video for a possible start:


Take a look at keycloak two factor email authenticator provider