Nils Behlen
Nils Behlen
The CN has to be unique for the openssl ca to be able to enroll a certificate token. Deleting the token using the webui does not remove it from the...
Create an endpoint for further communication with the authenticator app. Possible uses: - automate the 2-step rollout - retrieve further information about the smartphone for better management in privacyidea -...
The names for policies are somewhat inconsistent. For example in scope=authentication, miscellaneous, there are: * email_challenge_text * emailautosend * passOnNoToken So there is underscores, camelCase and no convention. Maybe this...
If a user has mutliple WebAuthn token, the sign requests looks like this: ``` "multi_challenge":[ { "attributes":{ "hideResponseInput":true, "img":"static/img/FIDO-U2F-Security-Key-444x444.png", "webAuthnSignRequest":{ "allowCredentials":[ { "id":"ZF8QEd3-xkGd-8n53A84eklHfYZdlVA-1SwbxRA1bzF0XMp9a47PJAVayQiI9cgdzFZRA8D_Eg2hM5WW-24jRg", "transports":[ "nfc", "ble", "usb", "internal" ], "type":"public-key"...
It would be great to extend push token to be able to use ecdsa cryptography (at least p256). This will decrease keygen times espically on lower powered smartphones significantly. It...
When enrolling PIV devices with a client, some configurations could be retrieved from the server to be uniform for all enrolled devices: * PIN / Touch policy (Yubi Key) *...
Currently, if send_password or emtpy_pass is enabled and the machine is offline, that sending fails and thus the authentication is failed completely, denying the chance to use offline auth. It...
If there is '.\Username' set as excluded account, the '.' should be resolved before the comparison with the input so that any combination of actual computername and '.' in either...
Add functionality for WebAuthn token. Windows API: https://github.com/Microsoft/webauthn
Use CamelCase for webauthn related field names, as it already done when triggering webauthn challenges, eventhough the other naming uses underscores.