I'm new to Keycloak, and trying to customize login-phase to add dynamic parameters as user-session-notes.
In the legacy system, users login with username, password and additional parameter - lets call it dynamic-parameter. This dynamic-parameter can be different in each user-login, and depends on the user. It is being used for security-checks when user sends request to a service.
When moving to Keycloak, I tried to find a way to add dynamic-parameter in login-phase, so when sending request to a service with a token, the service can retrieve that dynamic-parameter and perform the security-checks. I didn't manage to find a way to do it nicely with Keycloak current capabilities.
Is there any Execution Flow that can be added along UsernamePasswordForm that can achieve this?
The closest things I found about this are threads that suggest self-development of Authenticator:
At last I created custom authenticator that puts the dynamic parameters as user-session-notes - by implementing Authenticator and AuthenticatorFactory. Following How to create custom authenticator.