In my Keycloak flow, I need to create a conditional step...
Basically, the point is - that user first authenticates using login and password. If he enters correct login/password, then I would like Keycloak to call an external API (let's call it "Fraud prevention system API") that based on some internal logic decides, if 2FA will be required, and what kind of 2FA challenge should it be (OTP, Email, SMS, ...).
So basically I need to be able to call an external API, provide some inputs to it and process the condition based on the API's answer.
I tried looking at the flows docs and SPI docs but I'm definitely missing something as I still can not understand where to start.