UX problem: how to show authentication errors on login page

Hi community,

I’m facing a challenge with UX constraints about displaying authentication errors to the end user:

I’m using the login page of Keycloak and would like to customize it to what my customer is currently displaying to its end users.

When authenticating with social login, let’s say Google, I’m adding additional authentication checks on the workflows ‘first-broker-login’ and ‘post-login’. Those authenticators might fail the authentication workflow, which should lead to an error message displayed to the end user, i.e.: your account is not valid to connect to application A, please contact your administrator.

The UX problem I’m facing is that this error message is printed on an “error page”. I would like to print this error message on the login page (the first page of the flow).

I have tried numerous options in my authenticator without success:

    context.challenge( context.form()
        .setError(e.getMessage(), brokerUsername, brokerContext.getIdpConfig().getAlias())

without success.

Does anyone know if this use case is possible?

Thanks in advance,

I guess this use case is not valid based on how Keycloak manages authentication.

The “login page” is part of the browser flow mapped to the login authentication flow which ends with either an error page or a success redirection.

Anyway, would it be possible to restart an authentication flow with an error shown from a previous authentication flow?

My use case is the following:
A user would like to authenticate from Google connect. In my realm, he can only log in from a custom domain.
If he tries to log in from a default Gmail account, the authentication will fail, but I would like to display the error from the login screen.
Would that mean in the Keycloak flow that I should restart a new authentication flow? How can I display an error message from a previous flow?

Thanks in advance for your tips,
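
The "custom domain only" rule from the use case above, as an added example that is not part of the original posts or of Keycloak's code: a stand-alone Java check that a custom authenticator could call before deciding to fail the flow. The domain `corp.example`, the class and enum names, and the `emailVerified` input are assumptions made for illustration.

```java
import java.util.Locale;
import java.util.Set;

/** Added example: the domain restriction from the post as a stand-alone check. */
public class BrokerDomainCheck {

    // Hypothetical allowlist; replace with the realm's real domain(s).
    static final Set<String> ALLOWED_DOMAINS = Set.of("corp.example");

    /** Outcome an authenticator can map to a message key for the end user. */
    enum Result { ALLOWED, INVALID_EMAIL, UNVERIFIED_EMAIL, DOMAIN_NOT_ALLOWED }

    static Result check(String email, boolean emailVerified) {
        if (email == null || email.isBlank()) return Result.INVALID_EMAIL;
        // An unverified address proves nothing about who controls the mailbox.
        if (!emailVerified) return Result.UNVERIFIED_EMAIL;

        String trimmed = email.trim();
        int at = trimmed.lastIndexOf('@');
        // Require a non-empty local part and a non-empty domain.
        if (at <= 0 || at == trimmed.length() - 1) return Result.INVALID_EMAIL;

        String domain = trimmed.substring(at + 1).toLowerCase(Locale.ROOT);
        // Exact match only: endsWith() or contains() would also accept
        // "notcorp.example" and "corp.example.other.test".
        return ALLOWED_DOMAINS.contains(domain) ? Result.ALLOWED : Result.DOMAIN_NOT_ALLOWED;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the post.
        String[][] samples = {
            {"alice@corp.example", "true"},
            {"Bob@CORP.EXAMPLE", "true"},
            {"carol@gmail.com", "true"},
            {"dave@notcorp.example", "true"},
            {"erin@corp.example.other.test", "true"},
            {"frank@corp.example", "false"},
            {"no-at-sign", "true"},
        };
        for (String[] s : samples) {
            System.out.printf("%-30s verified=%-5s -> %s%n",
                    s[0], s[1], check(s[0], Boolean.parseBoolean(s[1])));
        }
    }
}
```

Returning a distinct result per failure lets the authenticator pick one message for the end user while logging the precise reason on the server side.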