
Enable OTP for Federated users in Keycloak


I have an external identity provider (OpenLDAP or AD). I configured Keycloak to federate the users from the LDAP server. I'd like to enable the OTP flow for these users without importing them into Keycloak's database. Is there any way or procedure to do it?


Solution

  • OTP belongs to the user, so the user must be imported into the Keycloak DB. So you can do that, but without the "without importing them in Keycloak's database" requirement.