@Override public CredentialValidationOutput authenticate( KeycloakSession session, RealmModel realm, CredentialInput input) { List<UserFederationProviderModel> fedProviderModels = realm.getUserFederationProviders(); List<UserFederationProvider> fedProviders = new ArrayList<UserFederationProvider>(); for (UserFederationProviderModel fedProviderModel : fedProviderModels) { UserFederationProvider provider = session.users().getFederationProvider(fedProviderModel); if (input instanceof UserCredentialModel && provider != null && provider.supportsCredentialType(input.getType())) { CredentialValidationOutput output = provider.validCredentials(realm, (UserCredentialModel) input); if (output != null) return output; } } List<CredentialAuthentication> list = UserStorageManager.getStorageProviders(session, realm, CredentialAuthentication.class); for (CredentialAuthentication auth : list) { if (auth.supportsCredentialAuthenticationFor(input.getType())) { CredentialValidationOutput output = auth.authenticate(realm, input); if (output != null) return output; } } list = getCredentialProviders(realm, CredentialAuthentication.class); for (CredentialAuthentication auth : list) { if (auth.supportsCredentialAuthenticationFor(input.getType())) { CredentialValidationOutput output = auth.authenticate(realm, input); if (output != null) return output; } } return null; }