News
/
/
Definition of groups for querying the second factor and forwarding the HTTP headers

KeyCloak Plugin Version 1.1.0

Definition of groups for querying the second factor and forwarding the HTTP headers

IT security company NetKnights releases version 1.1.0 of the privacyIDEA Keycloak plugin. In this version, groups can be created in which it is defined who should be queried for the second factor.

IT security company NetKnights releases version 1.1.0 of the privacyIDEA Keycloak plugin. In this version, groups can be created in which it is defined who should be queried for the second factor.

Query of the second factor only for previously defined groups

In the new version it is possible to query the second factor only if the user is part of a previously defined group. This new possibility is added in addition to the already existing function of excluded groups. It makes it easier for administrators to define exactly which groups should do two-factor authentication and which should not. For example, in the future it will be easier to protect only accounts with higher permissions by the second factor.

HTTP header forwarding

In addition, selected, configurable HTTP headers can be forwarded to privacyIDEA from the user’s browser or HTTP proxies. This means that it is possible to pass specific information to privacyIDEA. Administrators can use this new setting to create policies in privayIDEA with the conditions.

The last new feature of the update is of interest for users of multiple WebAuthn tokens. In the future, a user who owns multiple WebAuthn tokens can use any of them for authentication.

Availability and Support

The plugin can be downloaded directly from Github.
For critical enterprise use, NetKnights also offers a service level agreement for the Keycloak plugin as an extension to privacyIDEA.