Hi,
I would like to know if there are any specific standard or flow to request a confirmation of type 2FA for the authorization of a specific endpoint, as described below:
-
the User authenticates normally. And receive your access token.
-
the User accesses “resource 1” and consumes the API service normally.
-
Now, the user tries to access “resource 2”. At this point I would like for the authorization to consume this API to be released if there was a request to confirm the authenticity of the user using 2FA.
For this need I create a module for Keycloak?
Thank you.