accounts must have an active totp or webauthn authenticator before Keycloak will grant IdP use. this is waived if the account is connected to Google or a peering SSO IdP (but the account password will be subsequently disabled).

if you're eligible for an account and operate your own SSO infrastructure that can offer SAML or OIDC IdP, reach out and we can wire things up ⚡️

  • Last modified: 2022/12/12 00:19
  • by Harley Watson