PAM module for authenticating against Keycloak
- Install libpam-python
- Fetch source
- Create virtualenv
- Install requirements
- Add to pam.d
Create new OpenID Connect client. Add client ID and secret to config file.
First need new authentication flow to allow OTP to be bypassed Clone the direct flow grant as 'direct flow no OTP' and disable OTP
Secondly create new client of type OpenID Connect with access type confidential In authentication flow overrides, set direct grant flow to the new direct grant flow created earlier
use pamtester