Interface Authenticator

    • Method Detail

      • authenticate

        void authenticate​(AuthenticationFlowContext context)
        Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.
        Parameters:
        context -
      • requiresUser

        boolean requiresUser()
        Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?
        Returns:
      • configuredFor

        boolean configuredFor​(KeycloakSession session,
                              RealmModel realm,
                              UserModel user)
        Is this authenticator configured for this user.
        Parameters:
        session -
        realm -
        user -
        Returns:
      • areRequiredActionsEnabled

        default boolean areRequiredActionsEnabled​(KeycloakSession session,
                                                  RealmModel realm)
        Checks if all required actions are configured in the realm and are enabled
        Returns: