Password Reset via SMS

mh03r932 · December 16, 2020, 12:01am

Hello Keycloak experts.

We would like our users to provide a mobile number instead of an email when creating a registration and as a consequence we have to following requirements:

mobile number validation via SMS during registration
passoword reset through SMS

We do not require 2Factor / OTP via SMS

We now there are several Opensource SPIs but most of them are concerned with OTP only or password reset only.

Does Keycloak allow to customize the Flows enough to make this possible (especially pw reset)?

anuj-aneja-uc · October 5, 2021, 5:13am

Did you implement the same? I was also looking to build the similar thing. Password reset via SMS OTP. Any direction/help will be highly appreciated.

mh03r932 · October 5, 2021, 12:27pm

Hi
Our requirements changed and we did go for 2factor Authentication using SMS in the end. You will have to create and deploy a new Authenticator using the Keycloak SPI. As a starting point you could look at

or

It is possible to create a copy of the existing password-reset flow in keycloak and configure it to use the SPI for SMS OTP Codes.

Topic		Replies	Views
OTP via sms/email and OTP token duration Extending the server	3	6598	October 21, 2022
Is there a way for a standard user to do an OTP reset? Getting advice authentication	9	8747	January 18, 2024
Custom SMS authenticator in keycloak version 8 authentication	7	4707	April 12, 2021
OTP Authentication after Password reset Getting advice	2	865	January 19, 2022
Redirect to register page if mobile number is not in keycloak Getting advice	1	1576	January 31, 2020

Password Reset via SMS

Related Topics