Hi,
just help on custom Authorization flow.
When Terms and Conditions have been configured in Authentication, the newly registered user can see the Term and Condition page of Keycloak for the first time.
After that, they cannot see it anymore. Is there a way to display the Term and Condition page every time we need it by means of APIs, according to our needs?
Through a custom Authenticator for instance, while I do not want to do it user by user editing the Required User Actions field.
Max
You can set any Required Action in your custom authenticator. You don‘t set the required action on the user, but on the authSession object. There‘s something like .addRequiredAction() or similar (I don‘t have access to code currently) on the AuthenticationSession, which you can obtain via the AuthenticationContext in an authenticator method.
As you suggested, the Terms and Conditions request can be forced when authentication succeeds by the statements
AuthenticationSessionModel authSession = context.getAuthenticationSession();
authSession.addRequiredAction(TANDC_ALIAS);
Now I have to check it in a more complex environment (another story) but it basically works