KEYCLOAK ADVANCED AUTHENTICATION
We offer the Keycloak Advanced Extension Pack (SPIs) to enhance Keycloak’s functionality. As you might know this is the standard way to add custom functionality to the platform.
We are proud to introduce a native authentication experience in Keycloak through an API-based approach, based on the proposed OAuth 2.0 standard for first-party apps. With this new method of authentication, the application controls each authentication step based on the information returned by Keycloak. This eliminates the need for traditional approaches that require redirection to the Identity Provider or the use of less recommended OAuth grants, such as Resource Owner Password Credentials. In the following video, you will see the enhanced user experience in the native scenario with passkeys, resulting in improved UX and security.
For more information about this approach, please review the article that discuss it in detail.
In relation to the authentication mechanisms offered in this Keycloak advanced pack, we provide the following details. You will see whether it supports browser and/or native experiences.
Browser Based
Authentication |
Native
Authentication |
|
Passwordless: Passkeys Autofill | ||
Passwordless: OTP By SMS | ||
Passwordless: OTP by Email | ||
Passwordless: Device | ||
Security: Google Enterprise Captcha | In Roadmap | In Roadmap |
Passwordless: Google One Tap | In Roadmap |
We are continually evolving our advanced authentication features to keep pace with the latest identity standards. Our company philosophy is to adhere to these standards, as they ensure both security and interoperability.