MFA/OTP authentication not working with RH-SSO LDAP user federation
Issue
- Activating MFA (Multi Factor Authentication) in RH-SSO with users from an LDAP user federation provider fails with the error below during login:
13:07:01,223 WARN [org.keycloak.services] (default task-6) KC-SERVICES0013: Failed authentication: org.keycloak.models.ModelException: Not possible to write 'required action CONFIGURE_TOTP' when updating user 'testuser'
- When I want to log in with an LDAP federated user not having an OTP registered and I want to register my device during login (as part of the OTP Form Authentication), login fails.
Environment
- Red Hat Single Sign-On (RH-SSO)
  - 7.x
- LDAP