mesutpiskin / keycloak-2fa-email-authenticator

🔒 Keycloak Authentication Provider implementation to get a two factor authentication with a OTP/code/token send via Email (through SMTP)
https://medium.com/@mesutpiskin/two-factor-authentication-via-email-in-keycloak-custom-auth-spi-935bbb3952a8
Apache License 2.0
165 stars 91 forks source link

Sometimes the OTP is not required (skipped) #36

Open elarbi opened 7 months ago

elarbi commented 7 months ago

Hi,

I've deployed the extension to Keycloak 24.0.1, it work fine excpet for a scenario where I'm able to authenticate a user without having to provide an OTP. The OTP form is skipped. Here's the scenario (under Chrome):

Any clue pls

Best regards