Keycloak Authentication Provider implementation to get a 2nd-factor authentication with an OTP/code/token send via Email (through SMTP)
When logging in with this provider, you can send a verification code (otp) to the user's e-mail address. Tested with Keycloak version 19.0.3, if you are using different Keycloak version, don't forget to change the version in pom.xml file.
The Server Development part of the Keycloak reference documentation contains additional resources and examples for developing custom Keycloak extensions.
mvn package will be create a jar file.
copy keycloak-2fa-email-authenticator-1.0.0.0-SNAPSHOT.jar to keycloak/providers/ directory.
if you are Dockerized keycloak then copy to /opt/jboss/keycloak/standalone/deployments/ directory.
html/code-email.ftl is a html email template. Copy to themes/base/email/html/
text/code-email.ftl Copy to themes/base/email/text/
messages/*.properties Append to themes/base/email/messages/messages_en.properties
SMTP setting configure for e-mail send. Realm Settings/Email
Create new browser login authentication flow and add Email OTP flow before Username Password Form.
