Learn how to add MFA to your Keycloak login flow with Authsignal.
MFA challenge via Authsignal pre-built UI.
Enable authenticators
Get API keys
Download the provider JAR files
Download the Authsignal Java SDK JAR file
Copy the JAR files to the /providers/
directory
Access your Keycloak Admin panel
Navigate to your project's Realm, and then to the 'Authentication' section
Select the 'browser' flow
Accessing the browser flow
Create a copy of this flow using the 'Action' dropdown in the top-right
Creating a copy of the browser flow
In your new copied flow, remove the existing 'Conditional OTP' authentication step.
Removing the existing Conditional OTP step
Add the Authsignal provider to the flow.
Adding the Authsignal provider step
Select the Authsignal Authenticator.
/providers/
folder in the previous steps, you will see the Authsignal Authenticator listed in the menu - select it to add it to your flow.Adding the Authsignal provider step
After adding the Authsignal Authenticator step
Ensure the Authsignal Authenticator step is required.
Ensuring the Authsignal Authenticator step is required
Click the settings cog on the Authsignal Authenticator step.
Configuring the Authsignal Authenticator
Enable the new Authsignal flow
browser
flow to enable the new Authsignal flow.