mesutpiskin / keycloak-2fa-email-authenticator

🔒 Keycloak Authentication Provider implementation to get two-factor authentication with an OTP/code/token sent via email (through SMTP)
https://medium.com/@mesutpiskin/two-factor-authentication-via-email-in-keycloak-custom-auth-spi-935bbb3952a8
Apache License 2.0

Custom Token valid time #10

Closed ferranmartinezlleida closed 1 year ago

ferranmartinezlleida commented 1 year ago

Hi, do you know if you can customize the time interval where the OTP token is still valid from the SPI module? Or is it something that you can already customize from the master console? Thank you

mesutpiskin commented 1 year ago

The validity time of OTP tokens can be customized in Keycloak from the master console under the realm settings. However, this is a global setting that applies to all OTP token generation, not just for this specific SPI module.

To customize the OTP token validity time for this particular SPI module, you would need to modify the code to include a configurable time interval. For example, you could add a new configuration option to the SPI module that allows you to specify the token validity time, and then modify the generateAndSendEmailCode method to use this value when generating the OTP token.

ferranmartinezlleida commented 1 year ago

I see... I found this customization inside Keycloak, but after trying to set it some way it became clear real quick that it wouldn't work with the SPI.

Do you know if there's some kind of built-in method inside the Keycloak Java libraries to specify this validity time when creating it? I tried to look at the documentation but it's not very helpful.

ferranmartinezlleida commented 1 year ago

I ended up using another setAuthNote to store the generation time of the token and then comparing it to its submission time. Thanks for responding so fast
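
A sketch of the two approaches discussed above (a configurable validity time, and a second auth note holding the generation time), as an added example that is not code from this thread or from the project. The class name, note keys, config key and the 300-second default are hypothetical; only the Keycloak `AuthenticationSessionModel` and `AuthenticatorConfigModel` calls are real API.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.sessions.AuthenticationSessionModel;

// Added example: per-authenticator expiry for an emailed code, tracked in auth notes.
public final class EmailCodeExpiry {
    // Hypothetical note and config keys, not taken from the project.
    static final String NOTE_CODE = "emailCode";
    static final String NOTE_ISSUED_AT = "emailCodeIssuedAt";
    static final String CONFIG_TTL_SECONDS = "emailCodeTtlSeconds";
    static final long DEFAULT_TTL_SECONDS = 300; // assumed default
    public enum Result { VALID, INVALID, EXPIRED }

    // Call at the point where the code is generated and mailed.
    public static void remember(AuthenticationSessionModel session, String code, long nowMillis) {
        session.setAuthNote(NOTE_CODE, code);
        session.setAuthNote(NOTE_ISSUED_AT, Long.toString(nowMillis));
    }

    // Reads the TTL from the execution's config; missing, non-numeric or non-positive values use the default.
    public static long ttlSeconds(AuthenticatorConfigModel config) {
        Map<String, String> values = config == null ? null : config.getConfig();
        String raw = values == null ? null : values.get(CONFIG_TTL_SECONDS);
        try {
            long ttl = raw == null ? DEFAULT_TTL_SECONDS : Long.parseLong(raw.trim());
            return ttl > 0 ? ttl : DEFAULT_TTL_SECONDS;
        } catch (NumberFormatException e) {
            return DEFAULT_TTL_SECONDS;
        }
    }

    // Call when the user submits the form; compares submission time with the stored generation time.
    public static Result check(AuthenticationSessionModel session, String submitted,
                               long ttlSeconds, long nowMillis) {
        String code = session.getAuthNote(NOTE_CODE);
        String issuedAt = session.getAuthNote(NOTE_ISSUED_AT);
        if (code == null || issuedAt == null || submitted == null) { return Result.INVALID; }
        long ageMillis = nowMillis - Long.parseLong(issuedAt);
        boolean expired = ageMillis < 0 || ageMillis > ttlSeconds * 1000L;
        // Constant-time comparison so response timing does not reveal how much of the code matched.
        boolean match = !expired && MessageDigest.isEqual(code.getBytes(StandardCharsets.UTF_8),
                submitted.trim().getBytes(StandardCharsets.UTF_8));
        if (expired || match) { // expired or already-used codes are dropped from the session
            session.removeAuthNote(NOTE_CODE);
            session.removeAuthNote(NOTE_ISSUED_AT);
        }
        return expired ? Result.EXPIRED : match ? Result.VALID : Result.INVALID;
    }
}
```

In an authenticator's `action` method this would be called with `context.getAuthenticationSession()`, `ttlSeconds(context.getAuthenticatorConfig())` and `System.currentTimeMillis()`, answering `EXPIRED` with `context.failureChallenge(AuthenticationFlowError.EXPIRED_CODE, ...)`. The config key only appears in the admin console if the authenticator factory declares it in `getConfigProperties()`.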

Tim-is-coding commented 1 year ago

You can find an example here https://github.com/intensiongmbh/keycloak-otp-login/tree/master/src/main/java/de/intension/keycloak