Closed treydock closed 1 year ago
Can you update this to the changes on master?
I'm curious about the use case for the groups feature. Duo will allow you to pass everyone in, and selectivity enforce MFA or enrollment on a user or group basis at no extra cost. Is there a specific use case that filtering at the Authenticator level makes sense for you?
I rebased against master branch.
I'm not aware of a way to limit Duo access by group other than doing it in the Keycloak SPI. We've been using this approach for quite a long time to ensure members of our "duo" LDAP group are the only ones getting Duo prompts. We use that same group to limit who gets Duo prompts via SSH too.
Add Docker based building of jar file