Use Custom User Attribute (e.g., Phone Number) for SMS OTP Instead of Prompting User #188

Open
alireza-rou13 opened this issue Jan 21, 2025 · 2 comments

@alireza-rou13

I am using this plugin to implement SMS-based OTP for MFA in Keycloak. However, I have an existing user attribute (e.g., phoneNumber) that stores the user's phone number. Currently, the plugin prompts the user to enter their phone number again, which is redundant and not user-friendly.

@mediotti

@alireza-rou13 You can disable the "OTP Configuration" step if your user sign-up process ensures that the phone number will be filled (and, more importantly, unique).
This can be found in: Configure -> Authentication -> Requirement Actions (tab). For testing purposes, you can individually apply that for a user in Users -> Details (tab) -> "Required user actions" (field) -> *remove the "Configure OTP" option*.
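
The precondition stated in the comment above (every account has a phone number, and it is unique) can be audited before the "Configure OTP" step is removed. This is an added example, not part of the thread or the plugin's code; it assumes a user list exported as JSON in the shape of Keycloak's admin user representation, the `phoneNumber` attribute name from the issue, and a simple normalization rule chosen here for illustration.

```python
import re
from collections import defaultdict

# Constructed sample data: username plus an "attributes" map of
# attribute name -> list of values, as in an admin user export.
SAMPLE_USERS = [
    {"username": "alice", "attributes": {"phoneNumber": ["+1 555 010 0001"]}},
    {"username": "bob", "attributes": {"phoneNumber": ["+1-555-010-0001"]}},
    {"username": "carol", "attributes": {"phoneNumber": [""]}},
    {"username": "dave", "attributes": {}},
    {"username": "erin",
     "attributes": {"phoneNumber": ["+1 555 010 0002", "+1 555 010 0003"]}},
    {"username": "frank", "attributes": {"phoneNumber": ["0015550100004"]}},
]

_SEPARATORS = re.compile(r"[\s\-().]")


def normalize(number):
    """Assumed rule: drop separators and treat a leading 00 as +."""
    cleaned = _SEPARATORS.sub("", number or "")
    if cleaned.startswith("00"):
        cleaned = "+" + cleaned[2:]
    return cleaned


def audit_phone_attribute(users, attr="phoneNumber"):
    """Report accounts that break the 'filled and unique' precondition."""
    missing, ambiguous = [], []
    owners = defaultdict(list)
    for user in users:
        name = user["username"]
        raw = (user.get("attributes") or {}).get(attr, [])
        values = {normalize(v) for v in raw} - {""}
        if not values:
            missing.append(name)        # no usable number: SMS OTP cannot be sent
            continue
        if len(values) > 1:
            ambiguous.append(name)      # several numbers: unclear which receives the code
        for value in values:
            owners[value].append(name)
    # The same number on two accounts means one handset receives both users' codes.
    duplicates = {n: sorted(u) for n, u in owners.items() if len(u) > 1}
    return {"missing": missing, "ambiguous": ambiguous, "duplicates": duplicates}


if __name__ == "__main__":
    for key, value in audit_phone_attribute(SAMPLE_USERS).items():
        print(f"{key}: {value}")
```
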

@alireza-rou13

> @alireza-rou13 You can disable the "OTP Configuration" step if your user sign-up process ensures that the phone number will be filled (and, more importantly, unique). This can be found in: Configure -> Authentication -> Requirement Actions (tab). For testing purposes, you can individually apply that for a user in Users -> Details (tab) -> "Required user actions" (field) -> *remove the "Configure OTP" option*.

Thank you for developing this plugin!
I have a specific use case that I’d like to address.
My Setup:

I’m using LDAP integration to sync user data from Active Directory (AD) to Keycloak.

The users’ phone numbers are stored in a specific attribute in AD (e.g., mobile or telephoneNumber) and are mapped to a custom attribute in Keycloak (e.g., phoneNumber).

Currently, the plugin prompts users to enter their phone number again during the MFA process, even though the phone number is already available in their profile.

What I Need:

I’d like the plugin to skip the step where it asks the user to input their phone number and instead use the existing phone number attribute (synced from LDAP/AD) for SMS OTP validation.
