[jira] [Created] (CAMEL-23455) camel-keycloak: Add authentication flow management operations

Fri, 08 May 2026 02:41:10 -0700 

Andrea Cosentino created CAMEL-23455:
----------------------------------------

             Summary: camel-keycloak: Add authentication flow management 
operations
                 Key: CAMEL-23455
                 URL: https://issues.apache.org/jira/browse/CAMEL-23455
             Project: Camel
          Issue Type: Improvement
          Components: camel-keycloak
            Reporter: Andrea Cosentino


The component does not currently expose Keycloak authentication-flow 
management. Authentication flows define the sequence of steps users go through 
during login (browser flow, direct grant, registration, etc.) and are a core 
configuration primitive for hardening realms (MFA, conditional OTP, custom 
authenticators).

h3. Proposed new KeycloakOperations

h4. Flow CRUD
* {{createAuthenticationFlow}}
* {{copyAuthenticationFlow}} — duplicate a built-in flow as a base for 
customization
* {{deleteAuthenticationFlow}}
* {{getAuthenticationFlow}}
* {{listAuthenticationFlows}}
* {{updateAuthenticationFlow}}

h4. Executions within a flow
* {{listAuthenticationFlowExecutions}}
* {{addAuthenticationFlowExecution}}
* {{updateAuthenticationFlowExecution}}
* {{removeAuthenticationFlowExecution}}
* {{raiseAuthenticationFlowExecutionPriority}}
* {{lowerAuthenticationFlowExecutionPriority}}

h4. Required actions and bindings
* {{listRequiredActions}}
* {{updateRequiredAction}}
* {{bindAuthenticationFlowToRealm}} — set the browser / direct-grant / 
registration flow at realm level
* {{bindAuthenticationFlowToClient}} — override flow per client

h3. References
* Keycloak Admin REST API: {{/admin/realms/\{realm\}/authentication/flows}}
* Keycloak Admin REST API: 
{{/admin/realms/\{realm\}/authentication/required-actions}}
* Use case: programmatic provisioning of MFA / conditional-OTP flows during 
realm setup

h3. Acceptance criteria
* All operations implemented in {{KeycloakProducer}}
* New header constants in {{KeycloakConstants}} for flow alias / execution id / 
required-action alias / client id
* Integration tests covering: copy a built-in browser flow, add a 
conditional-OTP execution, bind it to a client
* {{keycloak-component.adoc}} is updated with a worked example (provision MFA 
flow)




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to