This Keycloak extensions allows implementing conditional authentication flows based on the client's IP address. For example, if you want to show an OTP form only for users connecting from outside your corporate network, you can use this extension to do so.
Supports IPv6 and IPv4. Supports single IP addresses and IP ranges in CIDR as well as netmask notation. Examples: 192.168.1.5
, a:b:c:d::/64
, 145.251.153.32/255.255.0.0
keycloak-ipaddress-authenticator-{version}-jar-with-dependencies.jar
from the Releases Tab and verify the checksum. Alternatively you can build build from source.
keycloak-ipaddress-authenticator-{version}.jar
: This jar only contains the compiled code for this extension itself, so you need to add all dependencies manually (see pom.xml
.mvn clean package
target
directory.