melegiul
commented
3 months ago Thanks. I'm glad to hear you found it useful. Your proposal about a skip option sounds reasonable to me. We just need another name for the plugin :wink:
Yes, please. Any pull requests are welcome if you like to provide one.
Thank you for maintaining this set of plugins for Keycloak. They really make our lives easier as long as Keycloak doesn't support all of this out-of-the-box.
I might have gotten something wrong here as the name "enforce mfa" does not imply optional mfa configuration on login. However, I'd like to hear your thoughts about this feature-request. If you accept this feature-request I could also provide a PR.
Skip MFA setup (configurable)
In a few of our projects we have the requirement to make the user choose the preferred MFA method or to just skip it. It could look like this for user:
In order to show the "Skip setup" link to the user, admins can configure the Enforce-MFA step of the browser flow to be optional. Currently, there's no configuration option for that, but we could add one.