I was wondering how Hydra compares to Keycloak with regard to customization.
I don’t have the requirement at the moment, but I was wondering how one would tackle a scenario like “send a user a magic link” or “one time login url by email”.
When implementing passwordless authentication with “magic links”, the user is sent an email with a link in it. This link will allow them to login directly when clicking on it. It is similar in function to them getting an email with a one-time-use code in it, returning to your app, and entering the code, but without having to actually perform those steps.
I guess with providers like Keycloak, one would need to handle this himself by implementing custom authentication providers and other customizable plugins.
Does Hydra offer anything like this too?
I’m guessing the generation and checking of such a one-time-code could be done in a self-implemented identity provider (no idea if Kratos will offer this?) => generate the code there, link it to the user, send a link to the user, point him to the identity provider, check there if the token is correct, linked to the user and valid… but then what?
How would one then tell hydra to authenticate the user and redirect the user to the target application, already authenticated?
I actually don’t have this requirement myself at the moment, but encountered it elsewhere recently and was wondering how one would tackle this with Hydra?