Keycloak Authentication Provider implementation that adds two-factor authentication with an OTP/code/token sent via email (through SMTP)
When a user logs in with this provider, a verification code (OTP) is sent to the user's e-mail address. Tested with Keycloak version 21.x. If you are using a different Keycloak version, don't forget to change the version in the pom.xml file.
The Server Development part of the Keycloak reference documentation contains additional resources and examples for developing custom Keycloak extensions.
You can download the necessary artifacts for Keycloak 2FA Email Authenticator from the release on GitHub. Please choose the appropriate version based on your Keycloak installation.
Running mvn package creates a jar file.
Copy keycloak-2fa-email-authenticator.jar to the keycloak/providers/ directory.
If you run Keycloak in Docker, copy it to the /opt/jboss/keycloak/standalone/deployments/ directory.
html/code-email.ftl is the HTML email template. Copy it to themes/base/email/html/
text/code-email.ftl: copy it to themes/base/email/text/
messages/*.properties: append to themes/base/email/messages/messages_en.properties
Configure the SMTP settings used to send e-mail under Realm Settings/Email.
Create a new browser login authentication flow and add the Email OTP flow before the Username Password Form.
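The file-copy steps above as a re-runnable shell helper. This is an added example, not part of the project: the function name, the argument order, the assumption that html/, text/ and messages/ sit under one source directory, and the assumption that message files use plain key=value lines are all choices made here.

```shell
#!/bin/sh
# Added example, not part of the project. Assumed layout: SRC holds the html/,
# text/ and messages/ directories named above; KC is the Keycloak home.
# Usage: install_email_otp JAR SRC KC [PROVIDER_DIR]
install_email_otp() {
    jar=$1 src=$2 kc=$3
    dest=${4:-$kc/providers}   # pass the deployments/ path for the Docker case
    email="$kc/themes/base/email"
    target="$email/messages/messages_en.properties"

    [ -f "$jar" ] || { echo "jar not found: $jar" >&2; return 1; }
    [ -d "$kc" ] || { echo "Keycloak home not found: $kc" >&2; return 1; }

    mkdir -p "$dest" "$email/html" "$email/text" "$email/messages" || return 1
    cp "$jar" "$dest/keycloak-2fa-email-authenticator.jar" || return 1
    cp "$src/html/code-email.ftl" "$email/html/" || return 1
    cp "$src/text/code-email.ftl" "$email/text/" || return 1

    # Make sure the existing file ends with a newline before appending to it.
    touch "$target"
    if [ -n "$(tail -c 1 "$target")" ]; then echo >> "$target"; fi

    # Append a message only when its key is not defined yet, so a second run
    # (or an upgrade) does not leave duplicate keys in messages_en.properties.
    for f in "$src"/messages/*.properties; do
        [ -f "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in ''|'#'*) continue ;; esac
            key=${line%%=*}
            awk -F= -v k="$key" '$1 == k { f = 1 } END { exit !f }' "$target" ||
                printf '%s\n' "$line" >> "$target"
        done < "$f"
    done
}

if [ "$#" -ge 3 ]; then install_email_otp "$@"; fi
```

The SMTP settings and the authentication flow are still configured in the admin console afterwards.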
