-
you can follow to implement this case
Modify your authentication flow: Within your authentication flow, after the user successfully enters the OTP and is authenticated, you can add an action that marks the device as trusted. This can be done by setting a custom attribute or flag on the user's session or user profile, indicating that the device is trusted.
Remember me functionality: Keycloak provides a "Remember Me" feature that allows users to stay authenticated on a device for a longer period without requiring the OTP again. You can enable the "Remember Me" feature in Keycloak's realm settings. This feature typically works by issuing a long-lived browser cookie that stores the user's authentication session. When the user accesses the application again from the same device, the session is restored, and the user is considered authenticated without the need for OTP verification.
Custom device recognition: If you want to implement a custom device recognition mechanism, you can use device fingerprints or other techniques to identify and remember trusted devices. This would require additional development and integration with Keycloak.
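One way to implement the custom device recognition option from the reply above, as an added example that is not Keycloak code and not part of the thread: after a successful OTP the server issues an HMAC-signed trusted-device token as a cookie value, and a later login skips OTP only if that token verifies, belongs to the same user, has not expired and has not been revoked. The function names, claim names, key handling and the 30-day lifetime are assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Assumptions: server-side key (generated per run here) and a 30-day trust window.
SECRET = secrets.token_bytes(32)
TRUST_TTL = 30 * 24 * 3600

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload: bytes, key: bytes) -> bytes:
    return hmac.new(key, payload, hashlib.sha256).digest()

def issue_trust_token(user_id, now=None, key=SECRET):
    """Call only after the OTP step has succeeded; returns the cookie value."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user_id, "did": secrets.token_hex(16), "exp": now + TRUST_TTL}
    payload = json.dumps(claims, separators=(",", ":")).encode()
    return b64e(payload) + "." + b64e(sign(payload, key))

def otp_required(user_id, cookie, revoked=frozenset(), now=None, key=SECRET):
    """True unless the cookie proves this device already passed OTP for this user."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = cookie.split(".")
        payload = b64d(body)
        # Verify the MAC in constant time before trusting any claim.
        if not hmac.compare_digest(b64d(sig), sign(payload, key)):
            return True
        claims = json.loads(payload)
        trusted = (claims["sub"] == user_id          # bound to this account
                   and claims["exp"] > now           # trust window not expired
                   and claims["did"] not in revoked) # device not removed by user
        return not trusted
    except (AttributeError, ValueError, KeyError, TypeError):
        return True  # missing or malformed cookie: fall back to OTP

if __name__ == "__main__":
    token = issue_trust_token("alice")  # constructed sample user
    print(otp_required("alice", token), otp_required("bob", token))
```

Send the token as a Secure, HttpOnly cookie, and add its `did` value to the revocation set when the user removes a device or resets credentials.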
-
Hi,
Is there a mechanism such that once a client device has authenticated it can be "remembered" such that the next session login from that same device does not require the OTP?
In other words I authenticate from a device, next time I authenticate on that same device I do not need another OTP as the device is marked as trusted.
Cheers