We are trying to arrive at a solution for an enterprise app
Different Users have different Authentication Methods
- User Type 1 - Password + Captcha
- User type 2 - Biometric [Not device-based] + Password
- User type 3 - Biometric [Device-based, ex on Phone] + Password
If we are going for OpenId protocol, IDP ex Keycloak isn't provided out of the box.
Our application has to be available on the web, and mobile [Android, IOS].
Customising the login page of IDP seems very difficult for biometrics [ React-native etc]
My question: Is it good to write a custom login + OIDC provider from scratch or is there any Auth provider that gives the flexibility to have our own login page and still follow OIDC Auth Code grant flow?