[ https://issues.apache.org/jira/browse/CAMEL-23455?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrea Cosentino updated CAMEL-23455:
-------------------------------------
    Fix Version/s: 4.21.0

> camel-keycloak: Add authentication flow management operations
> -------------------------------------------------------------
>
>                 Key: CAMEL-23455
>                 URL: https://issues.apache.org/jira/browse/CAMEL-23455
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-keycloak
>            Reporter: Andrea Cosentino
>            Assignee: Andrea Cosentino
>            Priority: Major
>             Fix For: 4.21.0
>
>
> The component does not currently expose Keycloak authentication-flow 
> management. Authentication flows define the sequence of steps users go 
> through during login (browser flow, direct grant, registration, etc.) and are 
> a core configuration primitive for hardening realms (MFA, conditional OTP, 
> custom authenticators).
> h3. Proposed new KeycloakOperations
> h4. Flow CRUD
> * {{createAuthenticationFlow}}
> * {{copyAuthenticationFlow}} — duplicate a built-in flow as a base for 
> customization
> * {{deleteAuthenticationFlow}}
> * {{getAuthenticationFlow}}
> * {{listAuthenticationFlows}}
> * {{updateAuthenticationFlow}}
> h4. Executions within a flow
> * {{listAuthenticationFlowExecutions}}
> * {{addAuthenticationFlowExecution}}
> * {{updateAuthenticationFlowExecution}}
> * {{removeAuthenticationFlowExecution}}
> * {{raiseAuthenticationFlowExecutionPriority}}
> * {{lowerAuthenticationFlowExecutionPriority}}
> h4. Required actions and bindings
> * {{listRequiredActions}}
> * {{updateRequiredAction}}
> * {{bindAuthenticationFlowToRealm}} — set the browser / direct-grant / 
> registration flow at realm level
> * {{bindAuthenticationFlowToClient}} — override flow per client
> h3. References
> * Keycloak Admin REST API: {{/admin/realms/\{realm\}/authentication/flows}}
> * Keycloak Admin REST API: 
> {{/admin/realms/\{realm\}/authentication/required-actions}}
> * Use case: programmatic provisioning of MFA / conditional-OTP flows during 
> realm setup
> h3. Acceptance criteria
> * All operations implemented in {{KeycloakProducer}}
> * New header constants in {{KeycloakConstants}} for flow alias / execution id 
> / required-action alias / client id
> * Integration tests covering: copy a built-in browser flow, add a 
> conditional-OTP execution, bind it to a client
> * {{keycloak-component.adoc}} is updated with a worked example (provision MFA 
> flow)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
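
A check that fits the integration scenario in the description (copy a browser flow, add an OTP execution, bind it to a client): confirm that every browser-flow binding, realm-level or per-client override, still contains an enabled OTP step. This is an added example, not code from the issue or from camel-keycloak; the field names assume the Keycloak realm-export JSON layout, and the realm data is constructed.

```python
# Added example. Field names follow the Keycloak realm-export JSON layout (assumed);
# REALM is constructed sample data, not taken from the issue.
OTP_AUTHENTICATORS = {"auth-otp-form"}
REALM = {
    "browserFlow": "browser-mfa",
    "authenticationFlows": [
        {"id": "f1", "alias": "browser-mfa", "authenticationExecutions": [
            {"authenticatorFlow": True, "flowAlias": "browser-mfa forms", "requirement": "ALTERNATIVE"}]},
        {"id": "f2", "alias": "browser-mfa forms", "authenticationExecutions": [
            {"authenticator": "auth-username-password-form", "requirement": "REQUIRED"},
            {"authenticatorFlow": True, "flowAlias": "browser-mfa otp", "requirement": "CONDITIONAL"}]},
        {"id": "f3", "alias": "browser-mfa otp", "authenticationExecutions": [
            {"authenticator": "conditional-user-configured", "requirement": "REQUIRED"},
            {"authenticator": "auth-otp-form", "requirement": "REQUIRED"}]},
        {"id": "f4", "alias": "legacy-browser", "authenticationExecutions": [
            {"authenticator": "auth-username-password-form", "requirement": "REQUIRED"},
            {"authenticator": "auth-otp-form", "requirement": "DISABLED"}]},
    ],
    "clients": [
        {"clientId": "portal", "authenticationFlowBindingOverrides": {}},
        {"clientId": "legacy-app", "authenticationFlowBindingOverrides": {"browser": "f4"}},
    ],
}

def flow_has_otp(realm, alias, seen=None):
    """True if the flow, or any enabled subflow, has a non-DISABLED OTP step."""
    seen = set() if seen is None else seen
    if alias in seen:  # guard against malformed exports with cyclic subflows
        return False
    seen.add(alias)
    flows = {f["alias"]: f for f in realm["authenticationFlows"]}
    for ex in flows.get(alias, {}).get("authenticationExecutions", []):
        if ex.get("requirement") == "DISABLED":
            continue
        if ex.get("authenticatorFlow"):
            if flow_has_otp(realm, ex.get("flowAlias"), seen):
                return True
        elif ex.get("authenticator") in OTP_AUTHENTICATORS:
            return True
    return False

def audit_browser_bindings(realm):
    """Return (scope, flow alias) for every browser binding with no OTP step."""
    by_id = {f["id"]: f["alias"] for f in realm["authenticationFlows"]}
    bindings = [("realm", realm.get("browserFlow"))]
    for c in realm.get("clients", []):
        # Client overrides reference the flow by id; unknown ids fail closed.
        if override := c.get("authenticationFlowBindingOverrides", {}).get("browser"):
            bindings.append(("client:" + c["clientId"], by_id.get(override, override)))
    return [(scope, alias) for scope, alias in bindings if not flow_has_otp(realm, alias)]
```

The audit reports bindings with no enabled OTP step at all; it does not evaluate whether a CONDITIONAL subflow actually triggers for a given user.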
