Keycloak: Custom Authentication Flows

Keycloak is a highly customizable Identity and Access Management solution. You can build very complex authentication flows using reach SPI for Java and JavaScript.

In this video, I'm showing you how to write a simple IP-based authenticator which will either force or skip MFA OTP authentication based on the user IP address. If the user is signing in from a trusted network the MFA OTP is skipped, otherwise, MFA OTP is always forced.

Source code is available on GitHub: https://github.com/lukaszbudnik/keycl...

To find out more about Keycloak check out my Keycloak playlist:    • Deploying Keycloak cluster on Kubernetes