Simple Identity Brokering First Login Flow
The post describes the creation of a Simple Identity Brokering First Login Flow.
What is the First Login Flow?
The First Login Flow is a workflow that is used after a user logs in to Keycloak for the first time from an external Identity Provider.
Keycloak provides the First Login Flow out of the box and it is described here
The provided flow performs a lot of actions.
What will I cover in this post?
We will learn how to configure Two-Factor Authentication in Keycloak.
In this post, I plan on:
- Explaining what is Two-Factor Authentication
- Explaining what is Keycloak Two-Factor Authentication
- Explaining how to configure Two-Factor Authentication in Keycloak
What is Two-Factor Authentication?
According to Wikipedia: Two-factor authentication (also known as 2FA) is a method of confirming a user’s claimed identity by utilizing a combination of two different factors:
Keycloak Password Policy
The post describes how to configure a Password Policy in Keycloak.
What is a password policy?
A Password Policy is the set of restrictions and/or requirements that a user must follow to ensure that their password is strong.
Keycloak configuration
Open the Keycloak admin page, open Authentication, go to the Password Policy tab.
Click on the Add policy … to see the list of available password policies.
The Keycloak documentation related to Password Policies is here
Keycloak Brute Force Protection
The post describes how to configure Brute Force Protection in Keycloak.
What is a brute force attack?
According to OWASP: “A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works”
Keycloak configuration
Open the Keycloak admin page, open Realm Settings, go to the Security Defenses tab and open the Brute Force Protection tab.
Hi everyone! This is my first post. Stay tuned for security updates!