Keycloak 2FA Email Authentication Plugin

Keycloak 2FA Email Authentication Plugin to add Email-based 2FA support to Keycloak.

Plugin uses the default SMTP provider that you can set in Realm Settings -> Email.

Tested with Keycloak <= v18.0.0.

For demo purposes only. Use at your own risk.

Inspired by Keycloak 2FA SMS Authenticator

Setup

build JAR file
```
./gradlew shadowJar
```
You can find the .jar in build/libs.
copy files into Keycloak
- cp build/libs/keycloak-email-authenticator-1.0-SNAPSHOT-all.jar /opt/keycloak/providers/
- cp src/main/resources/theme-resources/templates/login-email.ftl /opt/jboss/keycloak/themes/base/login/
add message texts e.g. like this
- cat src/main/resources/theme-resources/messages/messages_en.properties >> /opt/jboss/keycloak/themes/base/login/messages/messages_en.properties
setup new authentication flow in Keycloak Authentication -> Flows and update bindings in Authentication -> Bindings
optional: configure plugin settings like Email Subject, Code Length, TTL, ...

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
gradle/wrapper		gradle/wrapper
src/main		src/main
.gitignore		.gitignore
LICENSE.md		LICENSE.md
README.md		README.md
build.gradle		build.gradle
gradle.properties		gradle.properties
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle		settings.gradle