Authentication Flows: X509 Direct Grant as alternative with username validation and password


Paolo de vathaire

Jan 13, 2021, 12:27:39 PM
to Keycloak User
Hello,

I'm using Keycloak 10.0.2 and I'm trying to configure an authentication flow to authenticate users with an X509 certificate or with user/password credentials. Both alternatives must work.
Based on my understanding of the documentation, I tried to create the following:
Flow 1 (alternative)
    Execution 'Username Validation' (required)
    Execution 'Password' (required)
Flow 2 (alternative)
    Execution 'X509/Validate Username' (required)

As a result, only the user/password flow works, and if I try to switch the order, only the X509 flow works.
In the first case I get the error 'X509 client certificate is missing.'
In the other case I get the error 'Missing parameter: username'

How do you think I should configure the authentication flow to achieve my goal, please?
