Can be applied to Client authentication flow only.
This authenticator extends the default Client Id and Secret authenticator, by conditionally being able to validate a provided HTTP Header.
Use with Maven (>3) and JDK (>= 21).
mvn clean verify
Copy deployments/conditional-http-header-authenticator-jar-with-dependencies.jar to /providers/ directory in Keycloak.
See https://github.com/elexis/keycloak-auth-deny-user-nosecondfactor for a usage example.