Force authentication only with tokentype
107 views
Skip to first unread message
iamo...@gmail.com
May 17, 2017, 5:45:01 AM5/17/17
to privacyidea
Hi all!
We have a little problem with our rest api. Ive installed Privacyidea in one of our servers and my partner is the one in charge for coding a plugin between our app and privacyidea. Is there a parameter to force a certain tokentype from a particular user-id to authenticate against privacyidea? The user has like three tokens paper, totp, and hotp and I was wondering if we could force paper for this? I mean this would only affect the plugin and NOT other plugins authenticating against the server like owncloud and freeradius.
With kind regards,
Jojo
We have a little problem with our rest api. Ive installed Privacyidea in one of our servers and my partner is the one in charge for coding a plugin between our app and privacyidea. Is there a parameter to force a certain tokentype from a particular user-id to authenticate against privacyidea? The user has like three tokens paper, totp, and hotp and I was wondering if we could force paper for this? I mean this would only affect the plugin and NOT other plugins authenticating against the server like owncloud and freeradius.
With kind regards,
Jojo
Cornelius Kölbel
May 17, 2017, 5:39:11 PM5/17/17
to privacyidea
Please take a look at the tokentype policy.
Kind regards
Cornelius
iamo...@gmail.com
May 18, 2017, 1:19:59 PM5/18/17
to privacyidea
Hi Cornelius,
Thanks! Im still looking at the policies and how to mix it up. Currently I only have 2 policies 1 authentication and 1 webui. I have another problem, but its not related to the previous one. Here it is, the server does not accept my correct totp generated from my smartphone just because I previously entered a wrong totp one time? I mean Im pretty much sure that I entered the correct totp after the wrong one within the 30 seconds time. So I tried to log in again from the start and carefully entered the totp and it works. It seems that the system does not allow wrong totp or did I miss some configurations? Can this be tweaked?
With kind regards
Jojo
Thanks! Im still looking at the policies and how to mix it up. Currently I only have 2 policies 1 authentication and 1 webui. I have another problem, but its not related to the previous one. Here it is, the server does not accept my correct totp generated from my smartphone just because I previously entered a wrong totp one time? I mean Im pretty much sure that I entered the correct totp after the wrong one within the 30 seconds time. So I tried to log in again from the start and carefully entered the totp and it works. It seems that the system does not allow wrong totp or did I miss some configurations? Can this be tweaked?
With kind regards
Jojo
Reply all
Reply to author
Forward
0 new messages