TOTP QR Code Regeneration

Hi All,

I’ve noticed that with the TOTP configuration authentication flow, if users enter the wrong token code, the page is refreshed and a new QR code (and ‘manual entry’ option) are generated. I can foresee this being a problem as if users don’t notice that the QR code has changed, (and rescan the code), they will never enter the right code.

Is KC meant to function this way? From what I can tell, a new TotpBean is created everytime the Freemaker template generates its HTML contents. Is there a way to make it display the same QR code if the user enters the wrong token? I’ve also seen it happen in the ‘Account Management’ section too.

Regards,

Stuart.

how u create first Qr code in keycloak through rest api.(postman)

@SSR did you ever figure out a way to disable this behavior? It’s been very problematic for some of our users trying to set up a new account.

We are on 7.4.10 and still, we are also experiencing this issue. Any fix for this issue?