Reputation: 1729
I need to "implement" the following flow in keycloak as idp:
I saw the Brute Force detection under Authentication in Keycloak. But my scenario adress both the temporary and permanent lockout.
Do you have any idea about a possible approach to address this requirement?
Upvotes: 2
Views: 8743
Reputation: 6450
Keycloack has only one implementation of BruteForceProtector in the box: DefaultBruteForceProtector
You can implement your own provider:
Keycloak is designed to cover most use-cases without requiring custom code, but we also want it to be customizable. To achieve this Keycloak has a number of Service Provider Interfaces (SPI) for which you can implement your own providers.
Upvotes: 1