I have a service with multiple domains. And I want to implement Sso in this service. I tried to implement it using keycloak I want to create a new login page with react instead of the login page of Key Clock. And I am thinking of implementing a spring security server separately to add an email or sms 2factor function.
In order to do that, I think I should use keycloak rest api. But the problem is that I don't know how the key clock login page authenticates the user.
Can I know the login flow of the key clock in detail?
For example, if I want to check if Service 1 is logged in, do I need to redirect to the login page of Key Clock to check the cookie or session ID of the login page? So how do I know if I'm constantly logged in?
CodePudding user response:
Keycloak already provides a way to edit Login flow. You can also add more fields etc. to the Login Form and add 2 factor authentication as well. The only thing is, you will have to use Freemarker
for the same.
See, https://www.keycloak.org/docs/latest/server_development/#implementing-an-authenticator and https://www.keycloak.org/docs/latest/server_development/#_themes