OTP via SMS/email and OTP token duration

Hi all,
My company decided to use Keycloak and I need to understand if it’s possible to implement the following list of requests:

  • OTP must be provided not only via the Google Authenticator or FreeOTP app but also via email and SMS (the user is free to choose which of these 3 methods to use)
  • The OTP session must be time-boxed (it must last 10 days) and be tied to a device: let me try to explain better… once the user has logged in by inserting the OTP, for the next 10 days he will no longer be asked to enter the OTP code unless he has changed his browser.

Is it possible to do it with Keycloak?
Could you give me some info/hints?

Sorry for my English… I hope I was able to explain my problems.

Best Regards,
Ale

This is the exact scenario we are searching for. We would be very appreciative of any help.

See my blog post and the corresponding video for a possible start:


Take a look at the Keycloak two-factor email authenticator provider:
https://github.com/mesutpiskin/keycloak-2fa-email-authenticator